SQSCANGHA-140 Add OpenPGP signature verification for scanner downloads (#235)

2026-05-16 15:45:52 +00:00 · 2026-04-28 15:49:48 +02:00 · 2026-04-28 15:49:48 +02:00 · 55e44800a8
commit 55e44800a8
parent 30dbe5c9ee
17 changed files with 33778 additions and 41 deletions
--- a/package-lock.json
+++ b/package-lock.json
@ -10,6 +10,7 @@
      "license": "LGPL-3.0-only",
      "dependencies": {
        "@actions/core": "3.0.0",
+        "@actions/exec": "2.0.0",
        "@actions/github": "9.0.0",
        "@actions/tool-cache": "4.0.0",
        "string-argv": "0.3.2"
@ -31,7 +32,7 @@
        "@actions/http-client": "^4.0.0"
      }
    },
-    "node_modules/@actions/exec": {
+    "node_modules/@actions/core/node_modules/@actions/exec": {
      "version": "3.0.0",
      "resolved": "https://repox.jfrog.io/artifactory/api/npm/npm/@actions/exec/-/exec-3.0.0.tgz",
      "integrity": "sha512-6xH/puSoNBXb72VPlZVm7vQ+svQpFyA96qdDBvhB8eNZOE8LtPf9L4oAsfzK/crCL8YZ+19fKYVnM63Sl+Xzlw==",
@ -40,6 +41,21 @@
        "@actions/io": "^3.0.2"
      }
    },
+    "node_modules/@actions/exec": {
+      "version": "2.0.0",
+      "resolved": "https://repox.jfrog.io/artifactory/api/npm/npm/@actions/exec/-/exec-2.0.0.tgz",
+      "integrity": "sha512-k8ngrX2voJ/RIN6r9xB82NVqKpnMRtxDoiO+g3olkIUpQNqjArXrCQceduQZCQj3P3xm32pChRLqRrtXTlqhIw==",
+      "license": "MIT",
+      "dependencies": {
+        "@actions/io": "^2.0.0"
+      }
+    },
+    "node_modules/@actions/exec/node_modules/@actions/io": {
+      "version": "2.0.0",
+      "resolved": "https://repox.jfrog.io/artifactory/api/npm/npm/@actions/io/-/io-2.0.0.tgz",
+      "integrity": "sha512-Jv33IN09XLO+0HS79aaODsvIRyduiF7NY/F6LYeK5oeUmrsz7aFdRphQjFoESF4jS7lMauDOttKALcpapVDIAg==",
+      "license": "MIT"
+    },
    "node_modules/@actions/github": {
      "version": "9.0.0",
      "resolved": "https://repox.jfrog.io/artifactory/api/npm/npm/@actions/github/-/github-9.0.0.tgz",
@ -94,6 +110,15 @@
        "semver": "^7.7.3"
      }
    },
+    "node_modules/@actions/tool-cache/node_modules/@actions/exec": {
+      "version": "3.0.0",
+      "resolved": "https://repox.jfrog.io/artifactory/api/npm/npm/@actions/exec/-/exec-3.0.0.tgz",
+      "integrity": "sha512-6xH/puSoNBXb72VPlZVm7vQ+svQpFyA96qdDBvhB8eNZOE8LtPf9L4oAsfzK/crCL8YZ+19fKYVnM63Sl+Xzlw==",
+      "license": "MIT",
+      "dependencies": {
+        "@actions/io": "^3.0.2"
+      }
+    },
    "node_modules/@jridgewell/sourcemap-codec": {
      "version": "1.5.5",
      "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.5.tgz",