chore(security): minor updates

.dockerignore

@@ -32,6 +32,7 @@
 .yarn/*
 !.yarn/releases
 !.yarn/plugins
+!.yarn/patches
 !.yarn/versions
 .pnp.*
 # ignore sdk stuff

.github/dependabot.yml

@@ -1,6 +1,6 @@
 version: 2
 updates:
-  - package-ecosystem: 'github-actions'
-    directory: '/'
+  - package-ecosystem: github-actions
+    directory: /
     schedule:
-      interval: 'daily'
+      interval: daily

.github/workflows/build-test-push.yml

@@ -14,6 +14,22 @@
 
 name: Build, test, and push service images
 
+permissions:
+  packages: write
+  security-events: write
+  id-token: write
+  actions: read
+  checks: read
+  contents: read
+  deployments: read
+  issues: read
+  discussions: read
+  pages: read
+  pull-requests: read
+  repository-projects: read
+  statuses: read
+  attestations: read
+
 on:
   push:
   pull_request:

.github/workflows/codeql-analysis.yml

@@ -9,7 +9,7 @@
 # the `language` matrix defined below to confirm you have the correct set of
 # supported CodeQL languages.
 #
-name: 'CodeQL'
+name: CodeQL
 
 on:
   push:
@@ -18,7 +18,7 @@ on:
     # The branches below must be a subset of the branches above
     branches: [master]
   schedule:
-    - cron: '25 20 * * 4'
+    - cron: 25 20 * * 4
 
 jobs:
   analyze:
@@ -28,7 +28,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        language: ['javascript']
+        language: [javascript]
         # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ]
         # Learn more:
         # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed

.gitignore

@@ -153,5 +153,6 @@ dist
 .yarn/*
 !.yarn/releases
 !.yarn/plugins
+!.yarn/patches
 !.yarn/versions
 .pnp.*

.vscode/settings.json

@@ -18,7 +18,7 @@
     "**/.pnp.*": true,
     "tags.*": true
   },
-  "prettier.prettierPath": ".yarn/sdks/prettier/index.js",
+  "prettier.prettierPath": ".yarn/sdks/prettier/index.cjs",
   "typescript.tsdk": ".yarn/sdks/typescript/lib",
   "typescript.enablePromptUseWorkspaceTsdk": true,
   "eslint.nodePath": ".yarn/sdks",
@@ -48,6 +48,7 @@
     "Buildx",
     "codeql",
     "coiholder",
+    "coijob",
     "cois",
     "copack",
     "ecoli",

README.md

@@ -35,7 +35,6 @@ To add this service to the services run with an OADA v3 server,
 simply add a snippet like the one in the previous section
 to your `docker-compose.override.yml`.
 
-
 ###Jobs
 
 The service provides the following job handlers:
@@ -76,6 +75,7 @@ let { target } = jobResult;
 ```
 
 ### `transcription`
+
 Sorry about the poor naming; this should eventually be deprecated and renamed...
 This job type is intended for specific workflows utilizing the startJobCreator in src/pdfJob to create jobs when
 docs show up in the trading-partner's or smithfield's `/bookmarks/services/trellisfw/documents` endpoints.

package.json

@@ -56,7 +56,6 @@
     "@overleaf/o-error": "^3.4.0",
     "@trellisfw/signatures": "^2.1.3",
     "axios": "^1.7.2",
-    "clone-deep": "^4.0.1",
     "convict": "^6.2.4",
     "convict-format-with-moment": "^6.2.0",
     "convict-format-with-validator": "^6.2.0",
@@ -70,14 +69,13 @@
   "devDependencies": {
     "@ava/typescript": "^5.0.0",
     "@tsconfig/node20": "^20.1.4",
-    "@types/clone-deep": "^4.0.4",
     "@types/convict": "^6.1.6",
     "@types/convict-format-with-validator": "^6.0.5",
     "@types/debug": "^4.1.12",
-    "@types/lodash": "^4.17.6",
-    "@types/node": "^20.14.9",
-    "@typescript-eslint/eslint-plugin": "^7.14.1",
-    "@typescript-eslint/parser": "^7.14.1",
+    "@types/lodash": "^4.17.7",
+    "@types/node": "^20.14.11",
+    "@typescript-eslint/eslint-plugin": "^7.16.1",
+    "@typescript-eslint/parser": "^7.16.1",
     "@yarnpkg/sdks": "^3.1.3",
     "assign-deep": "^1.0.1",
     "ava": "6.1.3",
@@ -99,8 +97,8 @@
     "eslint-plugin-node": "^11.1.0",
     "eslint-plugin-notice": "^1.0.0",
     "eslint-plugin-optimize-regex": "^1.2.1",
-    "eslint-plugin-prettier": "^5.1.3",
-    "eslint-plugin-promise": "^6.2.0",
+    "eslint-plugin-prettier": "^5.2.1",
+    "eslint-plugin-promise": "^6.4.0",
     "eslint-plugin-regexp": "^2.6.0",
     "eslint-plugin-security": "^3.0.1",
     "eslint-plugin-sonarjs": "^1.0.3",
@@ -109,8 +107,8 @@
     "json-ptr": "^3.1.1",
     "lodash": "^4.17.21",
     "object-hash": "^3.0.0",
-    "prettier": "^3.3.2",
-    "typescript": "5.5.2"
+    "prettier": "^3.3.3",
+    "typescript": "5.5.3"
   },
   "resolutions": {
     "xlsx": "https://cdn.sheetjs.com/xlsx-0.20.2/xlsx-0.20.2.tgz"
@@ -119,4 +117,4 @@
   "volta": {
     "node": "20.13.1"
   }
-}
+}

src/index.ts

@@ -35,10 +35,7 @@ import {
   jobHandler as pdfJobHandler,
   startJobCreator as pdfStartJobCreator,
 } from './pdfJob.js';
-
-import {
-  jobHandler as transcriptionOnlyJobHandler,
-} from './transcriptionOnly.js';
+import { jobHandler as transcriptionOnlyJobHandler } from './transcriptionOnly.js';
 
 const error = debug('target-helper:error');
 const info = debug('target-helper:info');
@@ -84,13 +81,13 @@ await Promise.all(
     // Set the job type handlers; don't timeout jobs due to other jobs taking too long
     service.on(
       'transcription',
-      config.get('timeouts.pdf')*jobsConcurrency,
+      config.get('timeouts.pdf') * jobsConcurrency,
       pdfJobHandler,
     );
 
     service.on(
       'transcription-only',
-      config.get('timeouts.pdf')*jobsConcurrency,
+      config.get('timeouts.pdf') * jobsConcurrency,
       transcriptionOnlyJobHandler,
     );
     // Service.on('asn', config.get('timeouts.asn'), asnJobHandler);