From ccecc0f6d1df5f8e81f11194629cf38b71be15a7 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 13 Sep 2024 15:10:59 +0000 Subject: [PATCH] fix: upgrade multiple dependencies with Snyk Snyk has created this PR to upgrade: - @actions/http-client from 2.2.1 to 2.2.3. See this package in npm: https://www.npmjs.com/package/@actions/http-client - @actions/glob from 0.4.0 to 0.5.0. See this package in npm: https://www.npmjs.com/package/@actions/glob - semver from 7.6.0 to 7.6.3. See this package in npm: https://www.npmjs.com/package/semver See this project in Snyk: https://app.snyk.io/org/nexuscompute/project/c61a5916-9a2c-4099-9791-8d8745369360?utm_source=github&utm_medium=referral&page=upgrade-pr --- package-lock.json | 46 +++++++++++++++------------------------------- package.json | 6 +++--- 2 files changed, 18 insertions(+), 34 deletions(-) diff --git a/package-lock.json b/package-lock.json index 8274a1c89..73788ef33 100644 --- a/package-lock.json +++ b/package-lock.json @@ -12,11 +12,11 @@ "@actions/cache": "^3.2.4", "@actions/core": "^1.10.0", "@actions/exec": "^1.0.4", - "@actions/glob": "^0.4.0", - "@actions/http-client": "^2.2.1", + "@actions/glob": "^0.5.0", + "@actions/http-client": "^2.2.3", "@actions/io": "^1.0.2", "@actions/tool-cache": "^2.0.1", - "semver": "^7.6.0", + "semver": "^7.6.3", "xmlbuilder2": "^2.4.0" }, "devDependencies": { @@ -106,18 +106,20 @@ } }, "node_modules/@actions/glob": { - "version": "0.4.0", - "resolved": "https://registry.npmjs.org/@actions/glob/-/glob-0.4.0.tgz", - "integrity": "sha512-+eKIGFhsFa4EBwaf/GMyzCdWrXWymGXfFmZU3FHQvYS8mPcHtTtZONbkcqqUMzw9mJ/pImEBFET1JNifhqGsAQ==", + "version": "0.5.0", + "resolved": "https://registry.npmjs.org/@actions/glob/-/glob-0.5.0.tgz", + "integrity": "sha512-tST2rjPvJLRZLuT9NMUtyBjvj9Yo0MiJS3ow004slMvm8GFM+Zv9HvMJ7HWzfUyJnGrJvDsYkWBaaG3YKXRtCw==", + "license": "MIT", "dependencies": { "@actions/core": "^1.9.1", "minimatch": "^3.0.4" } }, "node_modules/@actions/http-client": { - "version": "2.2.1", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.1.tgz", - "integrity": "sha512-KhC/cZsq7f8I4LfZSJKgCvEwfkE8o1538VoBeoGzokVLLnbFDEAdFD3UhoMklxo2un9NJVBdANOresx7vTHlHw==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz", + "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==", + "license": "MIT", "dependencies": { "tunnel": "^0.0.6", "undici": "^5.25.4" @@ -4958,12 +4960,10 @@ "integrity": "sha512-0s+oAmw9zLl1V1cS9BtZN7JAd0cW5e0QH4W3LWEK6a4LaLEA2OTpGYWDY+6XasBLtz6wkm3u1xRw95mRuJ59WA==" }, "node_modules/semver": { - "version": "7.6.0", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.0.tgz", - "integrity": "sha512-EnwXhrlwXMk9gKu5/flx5sv/an57AkRplG3hTK68W7FRDN+k+OWBj65M7719OkA82XLBxrcX0KSHj+X5COhOVg==", - "dependencies": { - "lru-cache": "^6.0.0" - }, + "version": "7.6.3", + "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", + "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", + "license": "ISC", "bin": { "semver": "bin/semver.js" }, @@ -4971,22 +4971,6 @@ "node": ">=10" } }, - "node_modules/semver/node_modules/lru-cache": { - "version": "6.0.0", - "resolved": "https://registry.npmjs.org/lru-cache/-/lru-cache-6.0.0.tgz", - "integrity": "sha512-Jo6dJ04CmSjuznwJSS3pUeWmd/H0ffTlkXXgwZi+eq1UCmqQwCh+eLsYOYCwY991i2Fah4h1BEMCx4qThGbsiA==", - "dependencies": { - "yallist": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver/node_modules/yallist": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/yallist/-/yallist-4.0.0.tgz", - "integrity": "sha512-3wdGidZyq5PB084XLES5TpOSRA3wjXAlIWMhum2kRcv/41Sn2emQ0dycQW4uZXLejwKvg6EsvbdlVL+FYEct7A==" - }, "node_modules/shebang-command": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", diff --git a/package.json b/package.json index d8c49485b..14e740d0f 100644 --- a/package.json +++ b/package.json @@ -29,11 +29,11 @@ "@actions/cache": "^3.2.4", "@actions/core": "^1.10.0", "@actions/exec": "^1.0.4", - "@actions/glob": "^0.4.0", - "@actions/http-client": "^2.2.1", + "@actions/glob": "^0.5.0", + "@actions/http-client": "^2.2.3", "@actions/io": "^1.0.2", "@actions/tool-cache": "^2.0.1", - "semver": "^7.6.0", + "semver": "^7.6.3", "xmlbuilder2": "^2.4.0" }, "devDependencies": {