Bump sigstore/cosign-installer from 4.1.1 to 4.1.2

Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v4.1.1...6f9f17788090df1f26f669e9d70d6ae9567deba6) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-version: 4.1.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Merge pull request #3090 from fosrl/github-action-cosign
2026-05-17 06:24:32 +00:00 · 2026-05-16 21:55:15 +00:00 · 2026-05-16 14:53:24 -07:00 · 2026-05-16 16:21:13 +02:00 · 2026-05-16 16:17:45 +02:00 · 2026-05-14 21:21:03 -07:00
6 changed files with 98 additions and 17 deletions
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -1,3 +0,0 @@
-# These are supported funding model platforms
-
-github: [fosrl]
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -415,7 +415,9 @@ jobs:

            - name: Install cosign
              # cosign is used to sign container images using keyless (OIDC) signing
-              uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
+              uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2
+              with:
+                cosign-release: v3.0.6

            - name: Sign (GHCR, keyless)
              # Sign each GHCR image by digest using keyless (OIDC) signing via Sigstore/Rekor.
--- a/.github/workflows/mirror.yaml
+++ b/.github/workflows/mirror.yaml
@@ -23,7 +23,7 @@ jobs:
          skopeo --version

      - name: Install cosign
-        uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
+        uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2

      - name: Input check
        run: |
--- a/install/go.mod
+++ b/install/go.mod
@@ -5,7 +5,7 @@ go 1.25.0
 require (
 	github.com/charmbracelet/huh v1.0.0
 	github.com/charmbracelet/lipgloss v1.1.0
-	golang.org/x/term v0.43.0
+	golang.org/x/term v0.42.0
 	gopkg.in/yaml.v3 v3.0.1
 )

@@ -33,6 +33,6 @@ require (
 	github.com/rivo/uniseg v0.4.7 // indirect
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
 	golang.org/x/sync v0.15.0 // indirect
-	golang.org/x/sys v0.44.0 // indirect
+	golang.org/x/sys v0.43.0 // indirect
 	golang.org/x/text v0.23.0 // indirect
 )
--- a/install/go.sum
+++ b/install/go.sum
@@ -69,10 +69,10 @@ golang.org/x/sync v0.15.0 h1:KWH3jNZsfyT6xfAfKiz6MRNmd46ByHDYaZ7KSkCtdW8=
 golang.org/x/sync v0.15.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA=
 golang.org/x/sys v0.0.0-20210809222454-d867a43fc93e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.44.0 h1:ildZl3J4uzeKP07r2F++Op7E9B29JRUy+a27EibtBTQ=
-golang.org/x/sys v0.44.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
-golang.org/x/term v0.43.0 h1:S4RLU2sB31O/NCl+zFN9Aru9A/Cq2aqKpTZJ6B+DwT4=
-golang.org/x/term v0.43.0/go.mod h1:lrhlHNdQJHO+1qVYiHfFKVuVioJIheAc3fBSMFYEIsk=
+golang.org/x/sys v0.43.0 h1:Rlag2XtaFTxp19wS8MXlJwTvoh8ArU6ezoyFsMyCTNI=
+golang.org/x/sys v0.43.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
+golang.org/x/term v0.42.0 h1:UiKe+zDFmJobeJ5ggPwOshJIVt6/Ft0rcfrXZDLWAWY=
+golang.org/x/term v0.42.0/go.mod h1:Dq/D+snpsbazcBG5+F9Q1n2rXV8Ma+71xEjTRufARgY=
 golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
 golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
--- a/server/routers/resource/getUserResources.ts
+++ b/server/routers/resource/getUserResources.ts
@@ -1,6 +1,6 @@
 import { Request, Response, NextFunction } from "express";
-import { db } from "@server/db";
-import { and, eq, or, inArray } from "drizzle-orm";
+import { db, DB_TYPE } from "@server/db";
+import { and, eq, or, inArray, sql } from "drizzle-orm";
 import {
    resources,
    userResources,
@@ -12,7 +12,9 @@ import {
    resourceWhitelist,
    siteResources,
    userSiteResources,
-    roleSiteResources
+    roleSiteResources,
+    siteNetworks,
+    sites
 } from "@server/db";
 import createHttpError from "http-errors";
 import HttpCode from "@server/types/HttpCode";
@@ -159,9 +161,21 @@ export async function getUserResources(
            tcpPortRangeString: string | null;
            udpPortRangeString: string | null;
            disableIcmp: boolean | null;
+            siteIds: number[];
+            siteNames: string[];
+            siteNiceIds: string[];
+            siteAddresses: (string | null)[];
+            siteOnlines: boolean[];
        }> = [];
        if (accessibleSiteResourceIds.length > 0) {
-            siteResourcesData = await db
+            const aggCol = <T>(column: any) => {
+                if (DB_TYPE === "sqlite") {
+                    return sql<T>`json_group_array(${column})`;
+                }
+                return sql<T>`COALESCE(array_agg(${column}) FILTER (WHERE ${sites.siteId} IS NOT NULL), '{}')`;
+            };
+
+            const siteResourcesRaw = await db
                .select({
                    siteResourceId: siteResources.siteResourceId,
                    name: siteResources.name,
@@ -176,9 +190,19 @@ export async function getUserResources(
                    aliasAddress: siteResources.aliasAddress,
                    tcpPortRangeString: siteResources.tcpPortRangeString,
                    udpPortRangeString: siteResources.udpPortRangeString,
-                    disableIcmp: siteResources.disableIcmp
+                    disableIcmp: siteResources.disableIcmp,
+                    siteIds: aggCol<number[]>(sites.siteId),
+                    siteNames: aggCol<string[]>(sites.name),
+                    siteNiceIds: aggCol<string[]>(sites.niceId),
+                    siteAddresses: aggCol<(string | null)[]>(sites.address),
+                    siteOnlines: aggCol<boolean[]>(sites.online)
                })
                .from(siteResources)
+                .leftJoin(
+                    siteNetworks,
+                    eq(siteResources.networkId, siteNetworks.networkId)
+                )
+                .leftJoin(sites, eq(siteNetworks.siteId, sites.siteId))
                .where(
                    and(
                        inArray(
@@ -188,7 +212,55 @@ export async function getUserResources(
                        eq(siteResources.orgId, orgId),
                        eq(siteResources.enabled, true)
                    )
-                );
+                )
+                .groupBy(siteResources.siteResourceId);
+
+            siteResourcesData = siteResourcesRaw.map((row: any) => {
+                if (DB_TYPE !== "sqlite") {
+                    return row;
+                }
+                const siteIdsRaw = JSON.parse(row.siteIds) as (number | null)[];
+                const siteNamesRaw = JSON.parse(row.siteNames) as (
+                    | string
+                    | null
+                )[];
+                const siteNiceIdsRaw = JSON.parse(row.siteNiceIds) as (
+                    | string
+                    | null
+                )[];
+                const siteAddressesRaw = JSON.parse(row.siteAddresses) as (
+                    | string
+                    | null
+                )[];
+                const siteOnlinesRaw = JSON.parse(row.siteOnlines) as (
+                    | 0
+                    | 1
+                    | null
+                )[];
+
+                const siteIds: number[] = [];
+                const siteNames: string[] = [];
+                const siteNiceIds: string[] = [];
+                const siteAddresses: (string | null)[] = [];
+                const siteOnlines: boolean[] = [];
+                for (let i = 0; i < siteIdsRaw.length; i++) {
+                    if (siteIdsRaw[i] == null) continue;
+                    siteIds.push(siteIdsRaw[i] as number);
+                    siteNames.push((siteNamesRaw[i] ?? "") as string);
+                    siteNiceIds.push((siteNiceIdsRaw[i] ?? "") as string);
+                    siteAddresses.push(siteAddressesRaw[i] ?? null);
+                    siteOnlines.push(siteOnlinesRaw[i] === 1);
+                }
+
+                return {
+                    ...row,
+                    siteIds,
+                    siteNames,
+                    siteNiceIds,
+                    siteAddresses,
+                    siteOnlines
+                };
+            });
        }

        // Check for password, pincode, and whitelist protection for each resource
@@ -269,6 +341,11 @@ export async function getUserResources(
                tcpPortRangeString: siteResource.tcpPortRangeString,
                udpPortRangeString: siteResource.udpPortRangeString,
                disableIcmp: siteResource.disableIcmp,
+                siteIds: siteResource.siteIds,
+                siteNames: siteResource.siteNames,
+                siteNiceIds: siteResource.siteNiceIds,
+                siteAddresses: siteResource.siteAddresses,
+                siteOnlines: siteResource.siteOnlines,
                type: "site" as const
            };
        });
@@ -319,6 +396,11 @@ export type GetUserResourcesResponse = {
            enabled: boolean;
            alias: string | null;
            aliasAddress: string | null;
+            siteIds: number[];
+            siteNames: string[];
+            siteNiceIds: string[];
+            siteAddresses: (string | null)[];
+            siteOnlines: boolean[];
            type: "site";
        }>;
    };
Author	SHA1	Message	Date
dependabot[bot]	e4fd2b656d	Bump sigstore/cosign-installer from 4.1.1 to 4.1.2 Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v4.1.1...6f9f17788090df1f26f669e9d70d6ae9567deba6) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-version: 4.1.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2026-05-16 21:55:15 +00:00
Owen Schwartz	159e91a07c	Merge pull request #3090 from fosrl/github-action-cosign Upgrade cosign installer to v4.1.2 and pin cosign version	2026-05-16 14:53:24 -07:00
Marc Schäfer	3322f1ccb4	Update cosign installer version in CI workflow	2026-05-16 16:21:13 +02:00
Marc Schäfer	1b17fba19f	Upgrade cosign installer to v4.1.2 and pin cosign version Updated cosign installer to version 4.1.2 and specified cosign release version.	2026-05-16 16:17:45 +02:00
Owen Schwartz	8c2e6965f1	Merge pull request #3081 from fosrl/dev Update sidebar	2026-05-14 21:21:03 -07:00
Owen	b414f04cce	Remove funding	2026-05-14 21:20:34 -07:00
Owen Schwartz	9c71922dda	Merge pull request #3079 from fosrl/dev Add site information to user api	2026-05-14 20:17:19 -07:00
Owen	6e4a28f227	Add site information as well	2026-05-14 18:02:42 -07:00