Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump http-client version (actions#221) #222

Merged
merged 3 commits into from
Sep 14, 2021

Conversation

pkrulec-cen57570
Copy link
Contributor

Description:
Bump http-client version to 1.0.11 to fix proxy auth error

Related issue:
#221

Check list:

  • Mark if documentation changes are required.
  • Mark if tests were added or updated to cover the changes.

Bump http-client version to 1.0.11 to fix proxy auth error
@dmitry-shibanov
Copy link
Contributor

Hello @pavelkrulec-ext96968. Thank you for your pull request. Could you please run the npm update @actions/http-client command with node 12 npm 6.* to regenerate package-lock.json and after that run the npm run build command to regenerate dist. Besides, you need to update licenses for http-client, you can see how it can be done in licensed.yml. If you need any help feel free to ping me.

@pkrulec-cen57570 pkrulec-cen57570 force-pushed the main branch 2 times, most recently from 5e921b2 to 680cacd Compare September 13, 2021 07:21
@pkrulec-cen57570
Copy link
Contributor Author

Hello @dmitry-shibanov and thank you for your feedback! I've checked the license for http-client, updated version and licensed status now exits successfully.

I've also run the npm update @actions/http-client command with npm 6.14.15 (Node v12.22.6), however, it looks like this version of npm downgrades the version of package-lock.json from v2 to v1, see the new commit's diff. Is this desirable?

$ npm update @actions/http-client                                                                                                                                                                                          
npm WARN read-shrinkwrap This version of npm is compatible with lockfileVersion@1, but package-lock.json was generated for lockfileVersion@2. I'll try to do my best with it!
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.3.2 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.3.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

+ @actions/http-client@1.0.11
added 587 packages from 465 contributors and audited 593 packages in 12.971s

24 packages are looking for funding
  run `npm fund` for details

found 280 moderate severity vulnerabilities
  run `npm audit fix` to fix them, or `npm audit` for details

Output of npm version 7.x looks much better.

@dmitry-shibanov dmitry-shibanov merged commit 61c179a into actions:main Sep 14, 2021
@dmitry-shibanov
Copy link
Contributor

Hello @pavelkrulec-ext96968. Thank you for your response. We'd prefer to stick with npm 6.x for now.
Thank you for your contribution.

Copy link

@dikehtaw dikehtaw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

.licenses/npm/@actions/http-client.dep.yml
299-2996578_cute-cartoon-girl-png-free-download-love-girl-cartoon-png

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants