From 83f69e39ec3c0c00fe78f41e2819af31ee29f5dc Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 20 Dec 2024 07:22:31 +0000 Subject: [PATCH] fix: upgrade @actions/core from 1.6.0 to 1.11.1 Snyk has created this PR to upgrade @actions/core from 1.6.0 to 1.11.1. See this package in yarn: @actions/core See this project in Snyk: https://app.snyk.io/org/gableroux/project/b2d50591-122e-466d-9a3b-1dd6dc9ea7b9?utm_source=github&utm_medium=referral&page=upgrade-pr --- package.json | 2 +- yarn.lock | 42 +++++++++++++++++++++++++++++++++++------- 2 files changed, 36 insertions(+), 8 deletions(-) diff --git a/package.json b/package.json index 5caefde..f5bef8d 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ "prepare": "husky install" }, "dependencies": { - "@actions/core": "^1.2.6", + "@actions/core": "^1.11.1", "@actions/exec": "^1.0.4", "@actions/github": "^2.2.0", "@octokit/core": "^3.5.1" diff --git a/yarn.lock b/yarn.lock index 6863df9..9d3d651 100644 --- a/yarn.lock +++ b/yarn.lock @@ -2,12 +2,13 @@ # yarn lockfile v1 -"@actions/core@^1.2.6": - version "1.6.0" - resolved "https://registry.yarnpkg.com/@actions/core/-/core-1.6.0.tgz#0568e47039bfb6a9170393a73f3b7eb3b22462cb" - integrity sha512-NB1UAZomZlCV/LmJqkLhNTqtKfFXJZAUPcfl/zqG7EfsQdeUJtaWO98SGbuQ3pydJ3fHl2CvI/51OKYlCYYcaw== +"@actions/core@^1.11.1": + version "1.11.1" + resolved "https://registry.yarnpkg.com/@actions/core/-/core-1.11.1.tgz#ae683aac5112438021588030efb53b1adb86f172" + integrity sha512-hXJCSrkwfA46Vd9Z3q4cpEpHB1rL5NG04+/rbqW9d3+CSvtB1tYe8UTpAlixa1vj0m/ULglfEK2UKxMGxCxv5A== dependencies: - "@actions/http-client" "^1.0.11" + "@actions/exec" "^1.1.1" + "@actions/http-client" "^2.0.1" "@actions/exec@^1.0.4": version "1.1.0" @@ -16,6 +17,13 @@ dependencies: "@actions/io" "^1.0.1" +"@actions/exec@^1.1.1": + version "1.1.1" + resolved "https://registry.yarnpkg.com/@actions/exec/-/exec-1.1.1.tgz#2e43f28c54022537172819a7cf886c844221a611" + integrity sha512-+sCcHHbVdk93a0XT19ECtO/gIXoxvdsgQLzb2fE2/5sIZmWQuluYyjPQtrtTHdU1YzTZ7bAPN4sITq2xi1679w== + dependencies: + "@actions/io" "^1.0.1" + "@actions/github@^2.2.0": version "2.2.0" resolved "https://registry.yarnpkg.com/@actions/github/-/github-2.2.0.tgz#8952fe96b12b881fa39340f0e7202b04dc5c3e71" @@ -25,13 +33,21 @@ "@octokit/graphql" "^4.3.1" "@octokit/rest" "^16.43.1" -"@actions/http-client@^1.0.11", "@actions/http-client@^1.0.3": +"@actions/http-client@^1.0.3": version "1.0.11" resolved "https://registry.yarnpkg.com/@actions/http-client/-/http-client-1.0.11.tgz#c58b12e9aa8b159ee39e7dd6cbd0e91d905633c0" integrity sha512-VRYHGQV1rqnROJqdMvGUbY/Kn8vriQe/F9HR2AlYHzmKuM/p3kjNuXhmdBfcVgsvRWTz5C5XW5xvndZrVBuAYg== dependencies: tunnel "0.0.6" +"@actions/http-client@^2.0.1": + version "2.2.3" + resolved "https://registry.yarnpkg.com/@actions/http-client/-/http-client-2.2.3.tgz#31fc0b25c0e665754ed39a9f19a8611fc6dab674" + integrity sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA== + dependencies: + tunnel "^0.0.6" + undici "^5.25.4" + "@actions/io@^1.0.1": version "1.1.1" resolved "https://registry.yarnpkg.com/@actions/io/-/io-1.1.1.tgz#4a157406309e212ab27ed3ae30e8c1d641686a66" @@ -337,6 +353,11 @@ minimatch "^3.0.4" strip-json-comments "^3.1.1" +"@fastify/busboy@^2.0.0": + version "2.1.1" + resolved "https://registry.yarnpkg.com/@fastify/busboy/-/busboy-2.1.1.tgz#b9da6a878a371829a0502c9b6c1c143ef6663f4d" + integrity sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA== + "@humanwhocodes/config-array@^0.9.2": version "0.9.2" resolved "https://registry.yarnpkg.com/@humanwhocodes/config-array/-/config-array-0.9.2.tgz#68be55c737023009dfc5fe245d51181bb6476914" @@ -4833,7 +4854,7 @@ tsutils@^3.21.0: dependencies: tslib "^1.8.1" -tunnel@0.0.6: +tunnel@0.0.6, tunnel@^0.0.6: version "0.0.6" resolved "https://registry.yarnpkg.com/tunnel/-/tunnel-0.0.6.tgz#72f1314b34a5b192db012324df2cc587ca47f92c" integrity sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg== @@ -4899,6 +4920,13 @@ unbox-primitive@^1.0.1: has-symbols "^1.0.2" which-boxed-primitive "^1.0.2" +undici@^5.25.4: + version "5.28.4" + resolved "https://registry.yarnpkg.com/undici/-/undici-5.28.4.tgz#6b280408edb6a1a604a9b20340f45b422e373068" + integrity sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g== + dependencies: + "@fastify/busboy" "^2.0.0" + union-value@^1.0.0: version "1.0.1" resolved "https://registry.yarnpkg.com/union-value/-/union-value-1.0.1.tgz#0b6fe7b835aecda61c6ea4d4f02c14221e109847"