From 20af45a07e9ea79dba7635583fd12b616f113adb Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 7 Sep 2024 05:08:51 +0000 Subject: [PATCH] fix: upgrade multiple dependencies with Snyk Snyk has created this PR to upgrade: - @actions/core from 1.5.0 to 1.10.1. See this package in npm: https://www.npmjs.com/package/@actions/core - @actions/tool-cache from 1.7.1 to 1.7.2. See this package in npm: https://www.npmjs.com/package/@actions/tool-cache - semver from 7.3.6 to 7.6.3. See this package in npm: https://www.npmjs.com/package/semver - typed-rest-client from 1.8.6 to 1.8.11. See this package in npm: https://www.npmjs.com/package/typed-rest-client See this project in Snyk: https://app.snyk.io/org/mhmoni25/project/88ef680c-be27-483b-a215-8a6f743f6f34?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 65 ++++++++++++++++++++++++++++++++--------------- package.json | 8 +++--- 2 files changed, 49 insertions(+), 24 deletions(-) diff --git a/package-lock.json b/package-lock.json index 7a34aa9..30ebb27 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5,9 +5,29 @@ "requires": true, "dependencies": { "@actions/core": { - "version": "1.5.0", - "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.5.0.tgz", - "integrity": "sha512-eDOLH1Nq9zh+PJlYLqEMkS/jLQxhksPNmUGNBHfa4G+tQmnIhzpctxmchETtVGyBOvXgOVVpYuE40+eS4cUnwQ==" + "version": "1.10.1", + "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.1.tgz", + "integrity": "sha512-3lBR9EDAY+iYIpTnTIXmWcNbX3T2kCkAEQGIQx4NVQ0575nk2k3GRZDTPQG+vVtS2izSLmINlxXf0uLtnrTP+g==", + "requires": { + "@actions/http-client": "^2.0.1", + "uuid": "^8.3.2" + }, + "dependencies": { + "@actions/http-client": { + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz", + "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==", + "requires": { + "tunnel": "^0.0.6", + "undici": "^5.25.4" + } + }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==" + } + } }, "@actions/exec": { "version": "1.1.0", @@ -43,9 +63,9 @@ "integrity": "sha512-Qi4JoKXjmE0O67wAOH6y0n26QXhMKMFo7GD/4IXNVcrtLjUlGjGuVys6pQgwF3ArfGTQu0XpqaNr0YhED2RaRA==" }, "@actions/tool-cache": { - "version": "1.7.1", - "resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-1.7.1.tgz", - "integrity": "sha512-y1xxxOhXaBUIUit3lhepmu/0xdgiTMpnZRLmVdtF0hTm521doi+MdRRRP62czHvM7wxH6epj4JPNJQ3iJpOrkQ==", + "version": "1.7.2", + "resolved": "https://registry.npmjs.org/@actions/tool-cache/-/tool-cache-1.7.2.tgz", + "integrity": "sha512-GYlcgg/PK2RWBrGG2sFg6s7im3S94LMKuqAv8UPDq/pGTZbuEvmN4a95Fn1Z19OE+vt7UbUHeewOD5tEBT+4TQ==", "requires": { "@actions/core": "^1.2.6", "@actions/exec": "^1.0.0", @@ -514,6 +534,11 @@ "integrity": "sha512-0hYQ8SB4Db5zvZB4axdMHGwEaQjkZzFjQiN9LVYvIFB2nSUHW9tYpxWriPrWDASIxiaXax83REcLxuSdnGPZtw==", "dev": true }, + "@fastify/busboy": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/@fastify/busboy/-/busboy-2.1.1.tgz", + "integrity": "sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==" + }, "@istanbuljs/load-nyc-config": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/@istanbuljs/load-nyc-config/-/load-nyc-config-1.1.0.tgz", @@ -2957,11 +2982,6 @@ "integrity": "sha1-2HV7HagH3eJIFrDWqEvqGnYjCyM=", "dev": true }, - "lru-cache": { - "version": "7.8.1", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-7.8.1.tgz", - "integrity": "sha512-E1v547OCgJvbvevfjgK9sNKIVXO96NnsTsFPBlg4ZxjhsJSODoH9lk8Bm0OxvHNm6Vm5Yqkl/1fErDxhYL8Skg==" - }, "make-dir": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/make-dir/-/make-dir-3.1.0.tgz", @@ -3488,12 +3508,9 @@ } }, "semver": { - "version": "7.3.6", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.3.6.tgz", - "integrity": "sha512-HZWqcgwLsjaX1HBD31msI/rXktuIhS+lWvdE4kN9z+8IVT4Itc7vqU2WvYsyD6/sjYCt4dEKH/m1M3dwI9CC5w==", - "requires": { - "lru-cache": "^7.4.0" - } + "version": "7.6.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==" }, "semver-compare": { "version": "1.0.0", @@ -3796,9 +3813,9 @@ "dev": true }, "typed-rest-client": { - "version": "1.8.6", - "resolved": "https://registry.npmjs.org/typed-rest-client/-/typed-rest-client-1.8.6.tgz", - "integrity": "sha512-xcQpTEAJw2DP7GqVNECh4dD+riS+C1qndXLfBCJ3xk0kqprtGN491P5KlmrDbKdtuW8NEcP/5ChxiJI3S9WYTA==", + "version": "1.8.11", + "resolved": "https://registry.npmjs.org/typed-rest-client/-/typed-rest-client-1.8.11.tgz", + "integrity": "sha512-5UvfMpd1oelmUPRbbaVnq+rHP7ng2cE4qoQkQeAqxRL6PklkxsM0g32/HL0yfvruK6ojQ5x8EE+HF4YV6DtuCA==", "requires": { "qs": "^6.9.1", "tunnel": "0.0.6", @@ -3825,6 +3842,14 @@ "resolved": "https://registry.npmjs.org/underscore/-/underscore-1.13.1.tgz", "integrity": "sha512-hzSoAVtJF+3ZtiFX0VgfFPHEDRm7Y/QPjGyNo4TVdnDTdft3tr8hEkD25a1jC+TjTuE7tkHGKkhwCgs9dgBB2g==" }, + "undici": { + "version": "5.28.4", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz", + "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==", + "requires": { + "@fastify/busboy": "^2.0.0" + } + }, "universal-user-agent": { "version": "6.0.0", "resolved": "https://registry.npmjs.org/universal-user-agent/-/universal-user-agent-6.0.0.tgz", diff --git a/package.json b/package.json index 0277f96..5ecbfc4 100644 --- a/package.json +++ b/package.json @@ -21,10 +21,10 @@ "author": "John Lawson", "license": "BSD-3-Clause-Clear", "dependencies": { - "@actions/core": "^1.5.0", - "@actions/tool-cache": "^1.7.1", - "semver": "^7.3.6", - "typed-rest-client": "^1.8.4" + "@actions/core": "^1.10.1", + "@actions/tool-cache": "^1.7.2", + "semver": "^7.6.3", + "typed-rest-client": "^1.8.11" }, "devDependencies": { "@actions/github": "^5.0.0",