additional cleanup

Author: sarasvoss

.github/actions/run-semgrep/run-semgrep.js

@@ -36,12 +36,12 @@ function getPrBaseBranch(owner, repo, branch, token) {
           } else {
             resolve(null);
           }
-        } catch (e) {
+        } catch (_e) {
           resolve(null);
         }
       });
     });
-    req.on('error', err => {
+    req.on('error', _err => {
       resolve(null);
     });
     req.end();

.github/actions/run-semgrep/run-semgrep.unit.test.js

@@ -263,7 +263,7 @@ describe('getSemgrepMetrics', () => {
   it('correctly parses semgrep JSON output', () => {
     const fakeInputFileName = 'fake-results.json';
 
-    jest.spyOn(fs, 'readFileSync').mockImplementation(fileName => {
+    jest.spyOn(fs, 'readFileSync').mockImplementation((fileName, _encoding) => {
       if (fileName === fakeInputFileName) {
         return JSON.stringify(exampleSemgrepOutput);
       }
@@ -282,7 +282,7 @@ describe('getSemgrepMetrics', () => {
   it('handles empty results', () => {
     const fakeInputFileName = 'fake-results.json';
 
-    jest.spyOn(fs, 'readFileSync').mockImplementation(fileName => {
+    jest.spyOn(fs, 'readFileSync').mockImplementation((fileName, _encoding) => {
       if (fileName === fakeInputFileName) {
         return JSON.stringify(emptySemgrepOutput);
       }

.github/workflows/CHANGELOGS/run_semgrep_scan.md

@@ -6,7 +6,7 @@ All notable changes to the **run_semgrep_scan** callable workflow are documented
 
 ### Changed
 
-- Updated workflow to support cross-repository usage by checking out the core-github-actions repository into a subdirectory and referencing all internal actions and scripts from that subdirectory. This ensures that required actions and scripts are always available, regardless of which repository invokes the workflow.
+- Updated workflow to support cross-repository usage by repo qualifying the internal composite action calls.
 
 ## 1.0.0
 

.github/workflows/run_semgrep_scan.yml

@@ -137,7 +137,7 @@ jobs:
       normalized_baseline: ${{ steps.semgrep.outputs.normalizedBaseline }}
 
     steps:
-      - name: Checkout Calling Repo
+      - name: Checkout code
         uses: actions/checkout@v4
         with:
           ref: ${{ inputs.commit_identifier }}
@@ -170,8 +170,8 @@ jobs:
           fi
 
       - name: Run Semgrep
-        id: semgrep
         uses: OpenSesame/core-github-actions/.github/actions/run-semgrep@actions/run-semgrep/1.0.0
+        id: semgrep
         env:
           INPUT_BASELINE: ${{ inputs.baseline_ref }}
           HAS_PR: ${{ steps.pr_check.outputs.pr_exists }}

.vscode/settings.json

@@ -43,5 +43,5 @@
 
   // Optional: Spell checker
   "cSpell.enabled": true,
-  "cSpell.words": ["nosemgrep", "opensesame", "reviewdog", "semgrep", "upserting"]
+  "cSpell.words": ["nosemgrep", "nvmrc", "opensesame", "reviewdog", "semgrep", "upserting"]
 }

package-lock.json

@@ -27,12 +27,9 @@
     "audit": "npm audit --audit-level=high --omit=dev",
     "lint:check": "eslint *.js --ext .js,.json",
     "lint:fix": "eslint *.js --ext .js,.json --fix",
-    "format:check": "prettier --check './*.js' './*.mjs' './*.json' './*.md' 'scripts/**/*.js' '.github/actions/**/*.yml' '.github/actions/**/*.md' '.github/actions/**/*.js'",
-    "format:fix": "prettier --write './*.js' './*.mjs' './*.json' './*.md' 'scripts/**/*.js' '.github/actions/**/*.yml' '.github/actions/**/*.md' '.github/actions/**/*.js'",
+    "format:check": "prettier --check './*.js' './*.mjs' './*.json' './*.md' 'scripts/**/*.js' '.github/actions/**/*.*'",
+    "format:fix": "prettier --write './*.js' './*.mjs' './*.json' './*.md' 'scripts/**/*.js' '.github/actions/**/*.*'",
     "scan": "semgrep --config=p/ci --config=p/security-audit --config=p/javascript ./*.js ./*.mjs ./*.json scripts/ .github/actions/",
     "check": "npm run audit && npm run test && npm run lint:check && npm run format:check && npm run scan"
-  },
-  "dependencies": {
-    "node-fetch": "3.3.2"
   }
 }