chore: update dependencies & configs

.github/dependabot.yml

@@ -4,6 +4,8 @@ updates:
     directory: /
     schedule:
       interval: monthly
+    cooldown:
+      default-days: 5
     groups:
       github-actions:
         patterns:
@@ -14,6 +16,8 @@ updates:
     versioning-strategy: widen
     schedule:
       interval: weekly
+    cooldown:
+      default-days: 5
     groups:
       dependencies:
         dependency-type: "production"

.github/workflows/node.js.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        node-version: [20.x]
+        node-version: [24.x]
       fail-fast: false
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -20,7 +20,7 @@ jobs:
         with:
           node-version: ${{ matrix.node-version }}
       - name: Install dependencies
-        run: npm i
+        run: npm install --ignore-scripts
       - name: Lint
         run: npm run lint
       - name: Run tests

.github/workflows/publish.yml

@@ -0,0 +1,29 @@
+name: Publish Package
+
+on:
+  push:
+    tags:
+      - 'v*'
+
+permissions:
+  id-token: write  # Required for OIDC
+  contents: read
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+
+      - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
+        with:
+          node-version: '24.x'
+          registry-url: 'https://registry.npmjs.org'
+
+      # Ensure npm 11.5.1 or later is installed
+      - name: Update npm
+        run: npm install -g npm@latest
+      - run: npm install --ignore-scripts
+      - run: npm run build --if-present
+      - run: npm test
+      - run: npm publish

.npmrc

@@ -1 +1,3 @@
 package-lock=false
+save-exact=true
+ignore-scripts=true

package.json

@@ -6,12 +6,17 @@
   "exports": "./dist/index.js",
   "types": "./dist/index.d.ts",
   "scripts": {
-    "build": "rimraf ./dist && tsc",
+    "build": "tsc",
     "prepublishOnly": "npm run build",
-    "test": "glob -c \"tsx --test\" \"./test/**/*.spec.ts\"",
+    "test": "node --test ./test/**/*.spec.ts",
     "coverage": "c8 --all -r html npm test",
     "lint": "eslint src test"
   },
+  "publishConfig": {
+    "registry": "https://registry.npmjs.org",
+    "access": "public",
+    "provenance": true
+  },
   "repository": {
     "type": "git",
     "url": "git+https://github.com/dashlog/core.git"
@@ -27,22 +32,19 @@
   },
   "homepage": "https://github.com/dashlog/core#readme",
   "devDependencies": {
-    "@openally/config.eslint": "^2.1.0",
-    "@openally/config.typescript": "^1.0.3",
-    "@types/node": "^22.15.21",
-    "c8": "^10.1.2",
-    "glob": "^11.0.0",
-    "rimraf": "^6.0.1",
-    "tsx": "^4.16.2"
+    "@openally/config.eslint": "^2.2.0",
+    "@openally/config.typescript": "^1.2.1",
+    "@types/node": "^25.0.3",
+    "c8": "^10.1.2"
   },
   "dependencies": {
     "@dashlog/fetch-github-repositories": "^3.0.2",
-    "@myunisoft/httpie": "^5.0.0",
-    "@nodesecure/npm-registry-sdk": "^3.0.0",
-    "@nodesecure/npm-types": "^1.2.0",
+    "@nodesecure/npm-registry-sdk": "^4.4.0",
+    "@nodesecure/npm-types": "^1.3.0",
     "@nodesecure/ossf-scorecard-sdk": "^3.2.1",
-    "@nodesecure/scanner": "^6.4.0",
-    "@octokit/types": "^14.0.0",
-    "@openally/mutex": "^1.0.0"
+    "@nodesecure/scanner": "^8.2.0",
+    "@octokit/types": "^16.0.0",
+    "@openally/httpie": "1.0.0",
+    "@openally/mutex": "^2.0.0"
   }
 }

src/index.ts

@@ -1,7 +1,7 @@
 // Import Internal Dependencies
-import Github from "./services/github.js";
-import * as plugins from "./plugins/index.js";
-import { type DashlogRepository } from "./services/repository.js";
+import Github from "./services/github.ts";
+import * as plugins from "./plugins/index.ts";
+import { type DashlogRepository } from "./services/repository.ts";
 
 export type DashlogAllPlugins =
   plugins.nodesecure.NodesecurePlugin &
@@ -14,13 +14,13 @@ export type DashlogOrganization<T extends object> = {
   projects: DashlogRepository<T>[];
 };
 
-export interface IFetchOrgMetadataOptions<Plugins extends DashlogPlugins> {
+export interface FetchOrgMetadataOptions<Plugins extends DashlogPlugins> {
   plugins: Plugins[];
 }
 
 export async function fetchOrgMetadata<T extends DashlogPlugins>(
   orgName: string,
-  options: IFetchOrgMetadataOptions<T> = { plugins: [] }
+  options: FetchOrgMetadataOptions<T> = { plugins: [] }
 ): Promise<DashlogOrganization<Pick<DashlogAllPlugins, T>>> {
   const githubRepository = new Github(orgName);
 

src/plugins/index.ts

@@ -1,2 +1,2 @@
-export * as scorecard from "./scorecard.js";
-export * as nodesecure from "./nodesecure.js";
+export * as scorecard from "./scorecard.ts";
+export * as nodesecure from "./nodesecure.ts";

src/plugins/nodesecure.ts

@@ -3,7 +3,7 @@ import * as scanner from "@nodesecure/scanner";
 import { Mutex } from "@openally/mutex";
 
 // Import Internal Dependencies
-import { type DashlogRepository } from "../services/repository.js";
+import { type DashlogRepository } from "../services/repository.ts";
 
 // CONSTANTS
 const kScannerLock = new Mutex({ concurrency: 5 });

src/plugins/scorecard.ts

@@ -2,7 +2,7 @@
 import * as scorecard from "@nodesecure/ossf-scorecard-sdk";
 
 // Import Internal Dependencies
-import { type DashlogRepository } from "../services/repository.js";
+import { type DashlogRepository } from "../services/repository.ts";
 
 export type ScorecardPlugin = {
   scorecard?: scorecard.ScorecardResult | null;

src/services/github.ts

@@ -1,10 +1,10 @@
 // Import Third-party Dependencies
-import * as httpie from "@myunisoft/httpie";
+import * as httpie from "@openally/httpie";
 import type { Endpoints } from "@octokit/types";
 import { fetchLazy } from "@dashlog/fetch-github-repositories";
 
 // Import Internal Dependencies
-import GithubRepository, { type DashlogRepository } from "./repository.js";
+import GithubRepository, { type DashlogRepository } from "./repository.ts";
 
 export default class Github {
   public orgName: string;

src/services/repository.ts

@@ -2,15 +2,15 @@
 import path from "node:path";
 
 // Import Third-party Dependencies
-import * as httpie from "@myunisoft/httpie";
+import * as httpie from "@openally/httpie";
 import type { Endpoints } from "@octokit/types";
 import * as Dashlog from "@dashlog/fetch-github-repositories";
 import { packument } from "@nodesecure/npm-registry-sdk";
 import type { PackageJSON } from "@nodesecure/npm-types";
 
 // Import Internal Dependencies
-import Github from "./github.js";
-import { getCoverageLib, getTestFrameworkName } from "../utils/index.js";
+import Github from "./github.ts";
+import { getCoverageLib, getTestFrameworkName } from "../utils/index.ts";
 
 // CONSTANTS
 const kMaxCommitFetch = 60;

src/utils/index.ts

@@ -1,2 +1,2 @@
-export * from "./getCoverageLib.js";
-export * from "./getTestFrameworkName.js";
+export * from "./getCoverageLib.ts";
+export * from "./getTestFrameworkName.ts";

test/getCoverageLib.spec.ts

@@ -3,7 +3,7 @@ import { describe, it } from "node:test";
 import assert from "node:assert/strict";
 
 // Import Internal Dependencies
-import { getCoverageLib } from "../src/utils";
+import { getCoverageLib } from "../src/utils/index.ts";
 
 describe("getCoverageLib()", () => {
   it("Should return N/A", () => {

test/getTestFrameworkName.spec.ts

@@ -3,7 +3,7 @@ import { describe, it } from "node:test";
 import assert from "node:assert/strict";
 
 // Import Internal Dependencies
-import { getTestFrameworkName } from "../src/utils";
+import { getTestFrameworkName } from "../src/utils/index.ts";
 
 describe("getTestFrameworkName()", () => {
   it("Should return N/A", () => {

test/github.spec.ts

@@ -5,14 +5,17 @@ import fs from "node:fs";
 
 // Import Third-party Dependencies
 import { MockAgent, setGlobalDispatcher } from "undici";
+import type { Repository } from "@dashlog/fetch-github-repositories";
 
 // Import Internal Dependencies
-import Github from "../src/services/github.js";
+import Github from "../src/services/github.ts";
 
 const kMaxCommitFetch = 60;
 
 const nsGithubOrg = JSON.parse(fs.readFileSync("./test/fixtures/nodesecure-github-org.json", "utf-8"));
-const repositories = JSON.parse(fs.readFileSync("./test/fixtures/repos.json", "utf-8"));
+const repositories = JSON.parse(
+  fs.readFileSync("./test/fixtures/repos.json", "utf-8")
+) as Repository[];
 const issues = JSON.parse(fs.readFileSync("./test/fixtures/issues.json", "utf-8"));
 const pulls = JSON.parse(fs.readFileSync("./test/fixtures/pulls.json", "utf-8"));
 const commits = JSON.parse(fs.readFileSync("./test/fixtures/commits.json", "utf-8"));

test/plugins/nodesecure.spec.ts

@@ -6,7 +6,7 @@ import assert from "node:assert";
 import { MockAgent, setGlobalDispatcher } from "undici";
 
 // Import Internal Dependencies
-import { execute } from "../../src/plugins/nodesecure";
+import { execute } from "../../src/plugins/nodesecure.ts";
 
 const kApiUrl = "https://api.securityscorecards.dev";
 

test/plugins/scorecard.spec.ts

@@ -6,7 +6,7 @@ import assert from "node:assert";
 import { MockAgent, setGlobalDispatcher } from "undici";
 
 // Import Internal Dependencies
-import { execute } from "../../src/plugins/scorecard";
+import { execute } from "../../src/plugins/scorecard.ts";
 
 const kApiUrl = "https://api.securityscorecards.dev";
 

tsconfig.json

@@ -1,5 +1,5 @@
 {
-  "extends": "@openally/config.typescript/esm",
+  "extends": "@openally/config.typescript/esm-ts-next",
   "compilerOptions": {
     "outDir": "dist",
     "rootDir": "./src"