Conversation
…dvisories updates devDependencies and adds overrides pinning for brace-expansion and postcss clearing two moderate transitive advisories typescript6 no longer auto-injects @types/node ambient globals: - fortuna: reads Node entropy sources (process.*) via globalThis with a minimal local type (keeping the lib free of any dependencies) - tsconfig.test.json: adds "types": ["node"] ci: re-pin actions/checkout to v6.0.3 across all workflows verify-vectors: fixes rust warnings and sign_sth adds ed25519 and ml-dsa-44 secret-key parity checks
There was a problem hiding this comment.
Pull request overview
Updates the repository’s development toolchain and CI configuration, while adjusting TypeScript/Rust code to accommodate upstream changes (TypeScript 6 type behavior) and strengthen verification tooling.
Changes:
- Bumps JS devDependencies and adds npm overrides to address transitive advisories.
- Updates Fortuna’s Node entropy detection to avoid a hard dependency on
@types/node, and adds explicit Node types for test compilation. - Enhances Rust vector verification (secret-key parity checks + warning cleanup) and re-pins
actions/checkoutacross workflows.
Reviewed changes
Copilot reviewed 39 out of 41 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| tsconfig.test.json | Adds explicit Node types for tests |
| src/ts/fortuna.ts | Uses globalThis.process w/ minimal types |
| scripts/verify-vectors/src/sign_sth.rs | Adds Ed25519 + ML-DSA sk parity checks |
| scripts/verify-vectors/src/ecdsa_p256.rs | Tightens FieldBytes conversions / warnings |
| package.json | Updates dev toolchain + adds overrides |
| package-lock.json | Refreshes lockfile for new toolchain |
| bun.lock | Updates Bun lockfile + overrides |
| .github/workflows/wiki.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/verify-vectors.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-x25519.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-stream.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-slhdsa.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-slhdsa-acvp.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-sign.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-sign-hybrid.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-sign-hybrid-classical.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-serpent.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-ratchet.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-p256.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-nessie.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-montecarlo-ecb.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-montecarlo-cbc.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-mlkem.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-mldsa.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-merkle.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-hashing.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-ed25519.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-curve25519.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-core.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-chacha20.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-blake3.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-aes.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-aes-siv.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/unit-aes-montecarlo.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/release.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/publish.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/npm-remove.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/lint.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/e2e.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/ci-image.yml | Re-pins actions/checkout to v6.0.3 |
| .github/workflows/build.yml | Re-pins actions/checkout to v6.0.3 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
"types": ["node"]