Bump gitleaks/gitleaks from 8.18.4 to 8.19.2 (#9)

<!-- markdownlint-disable-file MD041 -->

## Pull request checklist

Please check if your PR fulfills the following requirements:

- [ ] I have read the
[CONTRIBUTING](https://github.com/fabasoad/setup-mark-action/blob/main/CONTRIBUTING.md)
      doc.
- [ ] Tests for the changes have been added (for bug fixes / features).
- [ ] Docs have been reviewed and added / updated if needed (for bug
fixes / features).

## Pull request type

<!-- Please do not submit updates to dependencies unless it fixes an
issue. -->

<!-- Please try to limit your pull request to one type, submit multiple
pull
requests if needed. -->

Please check the type of change your PR introduces:

- [ ] Bugfix
- [ ] Feature
- [ ] Code style update (formatting, renaming)
- [ ] Refactoring (no functional changes, no api changes)
- [ ] Build related changes
- [ ] Documentation content changes
- [ ] Other (please describe):

## What is the current behavior

<!-- Please describe the current behavior that you are modifying, or
link to a
relevant issue. -->

## What is the new behavior

<!-- Please describe the behavior or changes that are being added by
this PR. -->

-
-
-

## Does this introduce a breaking change

- [ ] Yes
- [ ] No

<!-- If this introduces a breaking change, please describe the impact
and
migration path for existing applications below. -->

## Other information

<!-- Any other information that is important to this PR such as
screenshots of
how the component looks before and after the change. -->
<!-- This document was adapted from the open-source
[appium/appium](https://github.com/appium/appium/blob/master/.github/PULL_REQUEST_TEMPLATE.md)
repository. -->

---

Closes #{IssueNumber}

.github/workflows/functional-tests.yml

@@ -23,7 +23,7 @@ jobs:
       fail-fast: false
       matrix:
         os: ["ubuntu", "macos"]
-        version: ["latest", "10.0.1", "10.0.0", "9.13.0", "9.12.0", "9.11.1"]
+        version: ["latest", "11.0.1", "11.0.0", "10.0.1", "10.0.0", "9.13.0"]
     runs-on: ${{ matrix.os }}-latest
     steps:
       - name: Checkout ${{ github.repository }}

.pre-commit-config.yaml

@@ -3,6 +3,18 @@ default_install_hook_types: ["pre-commit", "pre-push"]
 default_stages: ["commit"]
 minimum_pre_commit_version: 2.18.0
 repos:
+  # Linting
+  - repo: local
+    hooks:
+      - id: prettier
+        name: Prettier
+        entry: prettier --write --ignore-unknown
+        language: node
+        types: [text]
+        args: []
+        # https://github.com/prettier/prettier/releases
+        additional_dependencies: ["prettier@3.3.3"]
+        stages: ["commit"]
   # Security
   - repo: https://github.com/Yelp/detect-secrets
     rev: v1.5.0
@@ -10,12 +22,12 @@ repos:
       - id: detect-secrets
         stages: ["commit", "push"]
   - repo: https://github.com/gitleaks/gitleaks
-    rev: v8.18.4
+    rev: v8.19.2
     hooks:
       - id: gitleaks
         stages: ["commit", "push"]
   - repo: https://github.com/fabasoad/pre-commit-grype
-    rev: v0.6.0
+    rev: v0.6.1
     hooks:
       - id: grype-dir
         args:
@@ -48,10 +60,6 @@ repos:
         args: ["-pyflakes="]
         stages: ["commit"]
   # Other
-  - repo: https://github.com/pre-commit/mirrors-prettier
-    rev: v3.1.0
-    hooks:
-      - id: prettier
   - repo: https://github.com/pre-commit/pre-commit-hooks
     rev: v4.6.0
     hooks:

action.yml

@@ -13,6 +13,12 @@ inputs:
 runs:
   using: "composite"
   steps:
+    - name: Validate inputs
+      env:
+        INPUT_VERSION: "${{ inputs.version }}"
+      run: ./validate-inputs.sh "${INPUT_VERSION}"
+      shell: sh
+      working-directory: ${{ github.action_path }}/src
     - name: Install kovetskiy/mark
       env:
         INPUT_VERSION: "${{ inputs.version }}"

src/install-mark.sh

@@ -1,52 +1,57 @@
 #!/usr/bin/env sh
 
-mark_version="$1"
+main() {
+  mark_version="${1}"
 
-# shellcheck disable=SC2039
-if command -v mark >/dev/null 2>&1; then
-  msg="$(mark --version) is already installed. Skipping installation."
-  printf "[setup-mark-action] %s level=info %s\n" "$(date +'%Y-%m-%d %T')" "${msg}"
-  exit 0
-fi
-
-if [ "${mark_version}" = "latest" ]; then
-  url_prefix="https://github.com/kovetskiy/mark/releases/latest/download"
-else
-  url_prefix="https://github.com/kovetskiy/mark/releases/download/${mark_version}"
-fi
-
-url=""
-if [ "${RUNNER_OS}" = "macOS" ]; then
-  if [ "${RUNNER_ARCH}" = "X64" ]; then
-    url="${url_prefix}/mark_Darwin_x86_64.tar.gz"
-  elif [ "${RUNNER_ARCH}" = "ARM64" ]; then
-    url="${url_prefix}/mark_Darwin_arm64.tar.gz"
+  # shellcheck disable=SC2039
+  if command -v mark >/dev/null 2>&1; then
+    msg="$(mark --version) is already installed. Skipping installation."
+    printf "[setup-mark-action] %s level=info %s\n" "$(date +'%Y-%m-%d %T')" "${msg}"
+    exit 0
   fi
-elif [ "${RUNNER_OS}" = "Linux" ]; then
-  if [ "${RUNNER_ARCH}" = "X64" ]; then
-    url="${url_prefix}/mark_Linux_x86_64.tar.gz"
-  elif [ "${RUNNER_ARCH}" = "ARM64" ]; then
-    url="${url_prefix}/mark_Linux_arm64.tar.gz"
+
+  url_prefix="https://github.com/kovetskiy/mark/releases"
+  if [ "${mark_version}" = "latest" ]; then
+    url_prefix="${url_prefix}/latest/download"
+  else
+    url_prefix="${url_prefix}/download/${mark_version}"
   fi
-fi
 
-if [ -z "${url}" ]; then
-  echo "::error title=OS is not supported::${RUNNER_OS} ${RUNNER_ARCH} is not supported"
-  exit 1
-fi
+  url=""
+  if [ "${RUNNER_OS}" = "macOS" ]; then
+    if [ "${RUNNER_ARCH}" = "X64" ]; then
+      url="${url_prefix}/mark_Darwin_x86_64.tar.gz"
+    elif [ "${RUNNER_ARCH}" = "ARM64" ]; then
+      url="${url_prefix}/mark_Darwin_arm64.tar.gz"
+    fi
+  elif [ "${RUNNER_OS}" = "Linux" ]; then
+    if [ "${RUNNER_ARCH}" = "X64" ]; then
+      url="${url_prefix}/mark_Linux_x86_64.tar.gz"
+    elif [ "${RUNNER_ARCH}" = "ARM64" ]; then
+      url="${url_prefix}/mark_Linux_arm64.tar.gz"
+    fi
+  fi
 
-bin_path="${RUNNER_TEMP}/bin"
-mkdir -p "${bin_path}"
-tar_path="${bin_path}/mark.tar.gz"
-checksums_path="${bin_path}/checksums.txt"
-curl -sL "${url}" -o "${tar_path}"
-curl -sL "${url_prefix}/checksums.txt" -o "${checksums_path}"
+  if [ -z "${url}" ]; then
+    echo "::error title=OS is not supported::${RUNNER_OS} ${RUNNER_ARCH} is not supported"
+    exit 1
+  fi
 
-if ! grep -qF "$(shasum -a 256 "${tar_path}" | cut -d ' ' -f 1)" "${checksums_path}"; then
-  echo "::error title=Checksum error::Checksum is different from the downloaded binary"
-  exit 1
-fi
+  bin_path="${RUNNER_TEMP}/bin"
+  mkdir -p "${bin_path}"
+  tar_path="${bin_path}/mark.tar.gz"
+  checksums_path="${bin_path}/checksums.txt"
+  curl -sL "${url}" -o "${tar_path}"
+  curl -sL "${url_prefix}/checksums.txt" -o "${checksums_path}"
 
-tar -xf "${tar_path}" -C "${bin_path}"
-rm -f "${tar_path}"
-echo "${bin_path}" >> "$GITHUB_PATH"
+  if ! grep -qF "$(shasum -a 256 "${tar_path}" | cut -d ' ' -f 1)" "${checksums_path}"; then
+    echo "::error title=Checksum error::Checksum is different from the downloaded binary"
+    exit 1
+  fi
+
+  tar -xf "${tar_path}" -C "${bin_path}"
+  rm -f "${tar_path}"
+  echo "${bin_path}" >> "$GITHUB_PATH"
+}
+
+main "$@"

src/validate-inputs.sh

@@ -0,0 +1,27 @@
+#!/usr/bin/env sh
+
+# Validates value to be a valid semver string.
+# Parameters:
+# 1. (Required) Param name to display it correctly in the error message for the
+#    users.
+# 2. (Required) Param value that will be validated.
+#
+# Usage examples:
+# check_semver "my-valid-semver-1" "1.2.3"
+# check_semver "my-valid-semver-3" "latest"
+# check_semver "my-invalid-semver" "1.2.3-rc1"
+check_semver() {
+  if ! echo "${2}" | grep -Eq '^(latest|[0-9]+(\.[0-9]+){0,2})$'; then
+    msg="\"${1}\" parameter is invalid. \"${2}\" is not a valid semver."
+    echo "::error title=Invalid parameter::${msg}"
+    exit 30
+  fi
+}
+
+main() {
+  input_version="${1}"
+
+  check_semver "version" "${input_version}"
+}
+
+main "$@"