Bump the npm-dependencies group with 4 updates

Bumps the npm-dependencies group with 4 updates: [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core), [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github), [tar](https://github.com/isaacs/node-tar) and [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env).


Updates `@actions/core` from 2.0.2 to 3.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

Updates `@actions/github` from 7.0.0 to 9.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

Updates `tar` from 7.5.6 to 7.5.7
- [Release notes](https://github.com/isaacs/node-tar/releases)
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.6...v7.5.7)

Updates `@babel/preset-env` from 7.28.6 to 7.29.0
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.29.0/packages/babel-preset-env)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: "@actions/github"
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: npm-dependencies
- dependency-name: tar
  dependency-version: 7.5.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-dependencies
- dependency-name: "@babel/preset-env"
  dependency-version: 7.29.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
  dependency-group: npm-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
dependabot[bot]
2026-02-02 14:44:35 +00:00
committed by GitHub
parent 8270e9ad5f
commit cf04b7bb63
2 changed files with 530 additions and 283 deletions
+526 -279
View File
File diff suppressed because it is too large Load Diff
+4 -4
View File
@@ -26,18 +26,18 @@
},
"homepage": "https://github.com/advanced-security/component-detection-dependency-submission-action#readme",
"dependencies": {
"@actions/core": "^2.0.2",
"@actions/github": "^7.0.0",
"@actions/core": "^3.0.0",
"@actions/github": "^9.0.0",
"@github/dependency-submission-toolkit": "^2.0.5",
"cross-fetch": "^4.1.0",
"dotenv": "^17.2.3",
"fs": "^0.0.1-security",
"octokit": "^5.0.5",
"tar": "^7.5.6",
"tar": "^7.5.7",
"yaml": "^2.8.2"
},
"devDependencies": {
"@babel/preset-env": "^7.28.6",
"@babel/preset-env": "^7.29.0",
"@babel/preset-typescript": "^7.28.5",
"@eslint/js": "^9.39.2",
"@types/jest": "^30.0.0",