3bd173d61a
build(deps): bump minimist from 1.2.5 to 1.2.6
...
Bumps [minimist](https://github.com/substack/minimist ) from 1.2.5 to 1.2.6.
- [Release notes](https://github.com/substack/minimist/releases )
- [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6 )
---
updated-dependencies:
- dependency-name: minimist
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-29 18:07:33 -07:00
479e80d6a9
fix: handle MainMenu.nib mismatch in Electron 18 ( #42 )
2022-03-09 11:04:13 -08:00
2c3c1a60a0
build(deps): bump node-fetch from 2.6.1 to 2.6.7 ( #38 )
...
Bumps [node-fetch](https://github.com/node-fetch/node-fetch ) from 2.6.1 to 2.6.7.
- [Release notes](https://github.com/node-fetch/node-fetch/releases )
- [Commits](https://github.com/node-fetch/node-fetch/compare/v2.6.1...v2.6.7 )
---
updated-dependencies:
- dependency-name: node-fetch
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 11:50:56 -08:00
cdcbe58dee
build(deps): bump trim-off-newlines from 1.0.1 to 1.0.3 ( #37 )
...
Bumps [trim-off-newlines](https://github.com/stevemao/trim-off-newlines ) from 1.0.1 to 1.0.3.
- [Release notes](https://github.com/stevemao/trim-off-newlines/releases )
- [Commits](https://github.com/stevemao/trim-off-newlines/compare/v1.0.1...v1.0.3 )
---
updated-dependencies:
- dependency-name: trim-off-newlines
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-03 11:50:50 -08:00
38ab1c3559
feat: add option to merge ASARs ( #34 )
...
* feat: fuse ASARs
* Rename, improve
* Rename option
* Drop universal from MACHO_MAGIC
2022-01-25 10:35:57 +13:00
9f86e1dd2b
Merge pull request #30 from v-gjy/patch-1
...
chore: add repository info to package.json
2021-10-19 12:54:39 -05:00
a626463c95
Update package.json to include the repository
...
Hi there!
This change adds the repository property to your package.json file(s). Having this available provides a number of benefits to security tooling. For example, it allows for greater trust by checking for signed commits, contributors to a release and validating history with the project. It also allows for comparison between the source code and the published artifact in order to detect attacks on authors during the publication process.
We validate that we're making a PR against the correct repository by comparing the metadata for the published artifact on [npmjs.com](www.npmjs.com) against the metadata in the package.json file in the repository.
This change is provided by a team at Microsoft -- we're happy to answer any questions you may have. (Members of this team include [@s-tuli](https://github.com/s-tuli ), [@iarna](https://github.com/iarna ), [@rancyr](https://github.com/v-rr ), [@Jaydon Peng](https://github.com/v-jiepeng ), [@Zhongpeng Zhou](https://github.com/v-zhzhou ) and [@Jingying Gu](https://github.com/v-gjy )). If you would prefer that we not make these sorts of PRs to projects you maintain, please just say. If you'd like to learn more about what we're doing here, we've prepared a document talking about both this project and some of our other activities around supply chain security here: [microsoft/Secure-Supply-Chain](https://github.com/microsoft/Secure-Supply-Chain )
This PR provides repository metadata for the following packages:
* @electron/universal
2021-10-18 14:15:32 +08:00
36b58a84f3
feat: add support for auto-merging ElectronAsarIntegrity values
2021-09-15 12:50:03 -07:00
fe8d99e31d
build(deps): bump tar from 4.4.15 to 4.4.19
...
Bumps [tar](https://github.com/npm/node-tar ) from 4.4.15 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases )
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/node-tar/compare/v4.4.15...v4.4.19 )
---
updated-dependencies:
- dependency-name: tar
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-09-02 11:43:24 -07:00
d336231787
build(deps): bump path-parse from 1.0.6 to 1.0.7
...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse ) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases )
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7 )
---
updated-dependencies:
- dependency-name: path-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-08-12 15:49:25 -07:00
6cd85d89aa
chore: update deps
2021-07-30 01:36:40 -07:00
7b1c610963
Merge pull request #25 from electron/dependabot/npm_and_yarn/glob-parent-5.1.2
...
build(deps): bump glob-parent from 5.1.1 to 5.1.2
2021-06-09 09:24:07 -05:00
060a299188
Merge pull request #24 from electron/dependabot/npm_and_yarn/trim-newlines-3.0.1
...
build(deps): bump trim-newlines from 3.0.0 to 3.0.1
2021-06-09 09:23:58 -05:00
64420e4c32
build(deps): bump glob-parent from 5.1.1 to 5.1.2
...
Bumps [glob-parent](https://github.com/gulpjs/glob-parent ) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases )
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md )
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2 )
---
updated-dependencies:
- dependency-name: glob-parent
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 14:22:23 +00:00
2b411ce98b
build(deps): bump trim-newlines from 3.0.0 to 3.0.1
...
Bumps [trim-newlines](https://github.com/sindresorhus/trim-newlines ) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/sindresorhus/trim-newlines/releases )
- [Commits](https://github.com/sindresorhus/trim-newlines/commits )
---
updated-dependencies:
- dependency-name: trim-newlines
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 14:22:22 +00:00
e80eed7f69
Merge pull request #23 from electron/dependabot/npm_and_yarn/normalize-url-4.5.1
...
build(deps): bump normalize-url from 4.5.0 to 4.5.1
2021-06-09 09:21:54 -05:00
6053796432
build(deps): bump normalize-url from 4.5.0 to 4.5.1
...
Bumps [normalize-url](https://github.com/sindresorhus/normalize-url ) from 4.5.0 to 4.5.1.
- [Release notes](https://github.com/sindresorhus/normalize-url/releases )
- [Commits](https://github.com/sindresorhus/normalize-url/commits )
---
updated-dependencies:
- dependency-name: normalize-url
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-09 02:23:44 +00:00
0a1d0f916c
build(deps): bump hosted-git-info from 2.8.8 to 2.8.9
...
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info ) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases )
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md )
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-12 22:10:18 -07:00
1d4e198ba5
build(deps): bump lodash from 4.17.20 to 4.17.21
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-12 22:10:08 -07:00
2f06fcab5f
build(deps): bump handlebars from 4.7.6 to 4.7.7
...
Bumps [handlebars](https://github.com/wycats/handlebars.js ) from 4.7.6 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases )
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md )
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.7.6...v4.7.7 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-12 22:09:50 -07:00
e7d57dd1e5
fix: /usr/bin/file can return errors on MacOS; ignore these errors ( #13 )
...
Co-authored-by: Andrew Plotkin <zarf@ZarfLent.local>
2021-05-08 21:14:36 -07:00
d9b1b4104f
build(deps): bump ssri from 6.0.1 to 6.0.2 ( #19 )
...
Bumps [ssri](https://github.com/npm/ssri ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases )
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md )
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-05-08 21:13:52 -07:00
b445fa1974
Merge pull request #15 from electron/dependabot/npm_and_yarn/y18n-3.2.2
...
build(deps): bump y18n from 3.2.1 to 3.2.2
2021-04-05 23:11:27 -05:00
f265d1f5e2
build(deps): bump y18n from 3.2.1 to 3.2.2
...
Bumps [y18n](https://github.com/yargs/y18n ) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-01 07:54:28 +00:00
a05a5e6db8
build(deps): bump ini from 1.3.5 to 1.3.8
...
Bumps [ini](https://github.com/isaacs/ini ) from 1.3.5 to 1.3.8.
- [Release notes](https://github.com/isaacs/ini/releases )
- [Commits](https://github.com/isaacs/ini/compare/v1.3.5...v1.3.8 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-12-14 09:11:26 -08:00
8c55e5b4f3
docs: update CircleCI readme badge
2020-11-26 13:42:27 -08:00
477a52e779
fix: use setEncoding() and read() for crypto.createHash instead of digest() ( #11 )
2020-11-20 02:05:59 -08:00
107823fc2c
fix: use realpath when scanning app files
2020-11-19 14:43:08 -08:00
621083fe1f
fix: add debug logging
2020-11-19 10:01:20 -08:00
0770238718
chore: cleanup files and split into modules
2020-11-19 09:49:17 -08:00
c01deb5576
build: fix lockfile
2020-11-19 09:39:03 -08:00
82acb6fc72
fix: no asar support ( #4 ), renamed directories ( #5 ) and check if we need to duplicate asar's ( #2 ) ( #8 )
...
* fix: no asar support (#4 ), renamed directories (#5 ) and check if we need to duplicate asar's (#1 )
* Add missing newline
2020-11-19 09:34:14 -08:00
8bb61593b2
fix: add "entry-asar/*" to the files section of package.json ( fixes #3 ) ( #7 )
2020-11-19 09:33:42 -08:00
3ebf924651
build(deps-dev): bump semantic-release from 17.2.2 to 17.2.3
...
Bumps [semantic-release](https://github.com/semantic-release/semantic-release ) from 17.2.2 to 17.2.3.
- [Release notes](https://github.com/semantic-release/semantic-release/releases )
- [Commits](https://github.com/semantic-release/semantic-release/compare/v17.2.2...v17.2.3 )
Signed-off-by: dependabot[bot] <support@github.com>
2020-11-18 15:14:48 -08:00
46a3b7e94d
docs: update README
2020-11-13 14:30:01 -08:00
19edbb0a3f
build: move to support CFA branch naming
2020-11-13 14:01:49 -08:00
7a807da97e
build: actually release things on the main branch
2020-11-13 13:56:52 -08:00
b51f5a7f2d
build: use node 14.15 for semantic release
2020-11-13 13:50:59 -08:00
dae523770c
build: use node 10.18 for semantic release
2020-11-13 13:21:28 -08:00
f96b8a58d6
docs: fix typo in README
2020-11-13 13:17:17 -08:00
4355ed54e6
build: trigger release on main branch
2020-11-13 13:16:45 -08:00
468883dccb
chore: update README
2020-11-13 13:13:39 -08:00
395c31eb71
build: add CI
2020-11-13 13:02:04 -08:00
20e56d9c40
chore: update dependencies
2020-11-12 16:27:58 -08:00
46ff9c4b38
feat: add support for v8 snapshots and cross-arch app code
2020-11-12 16:18:06 -08:00
c6136396fd
docs: update usage docs
2020-10-26 15:33:06 -07:00
84a12a4685
fix: remove stray console.log
2020-10-21 13:30:49 -07:00
163f495b6b
Initial Commit
2020-10-21 13:30:28 -07:00
dependabot[bot]
Samuel Attard
Fedor Indutny
Charles Kerr
Jingying Gu
Andrew Plotkin
Samuel Attard
Niels Leenheer