github-actions[bot]
d866fbedb1
Empty commit to open PR
2026-03-16 00:51:02 +00:00
github-actions[bot]
fe259eef9d
Merge upstream:main
2026-03-16 00:51:02 +00:00
Adrien Pessu
b0312ae733
Merge pull request #178 from advanced-security/copilot/fix-swift-component-detection
...
Fix incorrect Swift detector ID in README (`SwiftResolved` → `Swift`)
2026-03-11 16:41:39 +01:00
copilot-swe-agent[bot]
2093de1e20
Fix incorrect Swift detector ID in README: SwiftResolved -> Swift
...
Co-authored-by: felickz <1760475+felickz@users.noreply.github.com >
2026-03-09 18:41:48 +00:00
copilot-swe-agent[bot]
5c97a5a0c2
Initial plan
2026-03-09 18:39:38 +00:00
dependabot[bot]
b876b8cc34
Bump the npm-dependencies group with 2 updates ( #176 )
...
Bumps the npm-dependencies group with 2 updates: [tar](https://github.com/isaacs/node-tar ) and [eslint](https://github.com/eslint/eslint ).
Updates `tar` from 7.5.10 to 7.5.11
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.10...v7.5.11 )
Updates `eslint` from 10.0.2 to 10.0.3
- [Release notes](https://github.com/eslint/eslint/releases )
- [Commits](https://github.com/eslint/eslint/compare/v10.0.2...v10.0.3 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.11
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: npm-dependencies
- dependency-name: eslint
dependency-version: 10.0.3
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com >
2026-03-09 14:34:03 -04:00
dependabot[bot]
0c211551d6
Bump actions/setup-node in the actions-dependencies group ( #175 )
...
Bumps the actions-dependencies group with 1 update: [actions/setup-node](https://github.com/actions/setup-node ).
Updates `actions/setup-node` from 6.2.0 to 6.3.0
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v6.2.0...v6.3.0 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-version: 6.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com >
2026-03-09 14:31:24 -04:00
dependabot[bot]
71e41d3093
Bump tar in /test in the npm_and_yarn group across 1 directory ( #177 )
...
Bumps the npm_and_yarn group with 1 update in the /test directory: [tar](https://github.com/isaacs/node-tar ).
Updates `tar` from 7.5.8 to 7.5.10
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.8...v7.5.10 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.10
dependency-type: direct:production
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-09 14:29:18 -04:00
dependabot[bot]
48ae13709e
Bump minimatch in /test in the npm_and_yarn group across 1 directory ( #171 )
...
Bumps the npm_and_yarn group with 1 update in the /test directory: [minimatch](https://github.com/isaacs/minimatch ).
Updates `minimatch` from 3.1.2 to 3.1.5
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md )
- [Commits](https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5 )
---
updated-dependencies:
- dependency-name: minimatch
dependency-version: 3.1.5
dependency-type: indirect
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com >
2026-03-06 13:33:10 -05:00
dependabot[bot]
7efb859132
Bump minimatch from 3.1.2 to 3.1.5 ( #170 )
...
Bumps [minimatch](https://github.com/isaacs/minimatch ) from 3.1.2 to 3.1.5.
- [Changelog](https://github.com/isaacs/minimatch/blob/main/changelog.md )
- [Commits](https://github.com/isaacs/minimatch/compare/v3.1.2...v3.1.5 )
---
updated-dependencies:
- dependency-name: minimatch
dependency-version: 3.1.5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com >
2026-03-06 13:31:58 -05:00
dependabot[bot]
50b9449a2f
Bump eslint from 10.0.0 to 10.0.2 in the npm-dependencies group ( #173 )
...
Bumps the npm-dependencies group with 1 update: [eslint](https://github.com/eslint/eslint ).
Updates `eslint` from 10.0.0 to 10.0.2
- [Release notes](https://github.com/eslint/eslint/releases )
- [Commits](https://github.com/eslint/eslint/compare/v10.0.0...v10.0.2 )
---
updated-dependencies:
- dependency-name: eslint
dependency-version: 10.0.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com >
2026-03-06 13:30:22 -05:00
dependabot[bot]
56ef6dcc04
Bump actions/upload-artifact in the actions-dependencies group ( #172 )
...
Bumps the actions-dependencies group with 1 update: [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Updates `actions/upload-artifact` from 6 to 7
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com >
2026-03-06 13:28:40 -05:00
dependabot[bot]
6531c188bd
Bump tar from 7.5.9 to 7.5.10 ( #174 )
...
Bumps [tar](https://github.com/isaacs/node-tar ) from 7.5.9 to 7.5.10.
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.9...v7.5.10 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.10
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-03-06 13:26:22 -05:00
Adrien Pessu
0797d4eff6
Merge pull request #167 from advanced-security/dependabot/npm_and_yarn/test/npm_and_yarn-1db22e1e02
...
Bump tar from 7.5.7 to 7.5.8 in /test in the npm_and_yarn group across 1 directory
2026-02-25 12:51:18 +01:00
dependabot[bot]
7ba820f614
Bump tar in /test in the npm_and_yarn group across 1 directory
...
Bumps the npm_and_yarn group with 1 update in the /test directory: [tar](https://github.com/isaacs/node-tar ).
Updates `tar` from 7.5.7 to 7.5.8
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.8 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.8
dependency-type: direct:production
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-24 16:17:55 +00:00
dependabot[bot]
bd71948983
Bump the npm-dependencies group across 1 directory with 4 updates ( #165 )
...
* Bump the npm-dependencies group across 1 directory with 4 updates
Bumps the npm-dependencies group with 4 updates in the / directory: [dotenv](https://github.com/motdotla/dotenv ), [tar](https://github.com/isaacs/node-tar ), [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js ) and [eslint](https://github.com/eslint/eslint ).
Updates `dotenv` from 17.2.3 to 17.3.1
- [Changelog](https://github.com/motdotla/dotenv/blob/master/CHANGELOG.md )
- [Commits](https://github.com/motdotla/dotenv/compare/v17.2.3...v17.3.1 )
Updates `tar` from 7.5.7 to 7.5.9
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.7...v7.5.9 )
Updates `@eslint/js` from 9.39.2 to 10.0.1
- [Release notes](https://github.com/eslint/eslint/releases )
- [Commits](https://github.com/eslint/eslint/commits/HEAD/packages/js )
Updates `eslint` from 9.39.2 to 10.0.0
- [Release notes](https://github.com/eslint/eslint/releases )
- [Commits](https://github.com/eslint/eslint/compare/v9.39.2...v10.0.0 )
---
updated-dependencies:
- dependency-name: dotenv
dependency-version: 17.3.1
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: npm-dependencies
- dependency-name: tar
dependency-version: 7.5.9
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: npm-dependencies
- dependency-name: "@eslint/js"
dependency-version: 10.0.1
dependency-type: direct:development
update-type: version-update:semver-major
dependency-group: npm-dependencies
- dependency-name: eslint
dependency-version: 10.0.0
dependency-type: direct:development
update-type: version-update:semver-major
dependency-group: npm-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
* Initial plan
* Rebuild dist/ after dependency updates
Co-authored-by: felickz <1760475+felickz@users.noreply.github.com >
---------
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
Co-authored-by: felickz <1760475+felickz@users.noreply.github.com >
2026-02-24 11:14:33 -05:00
Chad Bentz
630165e704
Merge pull request #161 from advanced-security/document-EnableIfDefaultOff-detectorArgs
...
Revise README for workflows and detector options
2026-02-02 13:53:01 -05:00
Chad Bentz
332c61add4
Merge pull request #159 from advanced-security/dependabot/npm_and_yarn/test/npm_and_yarn-c2faeb1381
...
Bump tar from 7.5.4 to 7.5.7 in /test in the npm_and_yarn group across 1 directory
2026-02-02 10:56:59 -05:00
Chad Bentz
933761652d
Merge pull request #162 from advanced-security/dependabot/npm_and_yarn/npm-dependencies-304c371dc4
...
Bump the npm-dependencies group with 4 updates
2026-02-02 10:52:42 -05:00
Chad Bentz
9aece0e09c
Merge pull request #163 from advanced-security/copilot/sub-pr-162
...
Fix ESM compatibility for @actions/core v3 and @actions/github v9
2026-02-02 10:41:47 -05:00
copilot-swe-agent[bot]
41bb53a1db
Update TypeScript config comments to be more concise
...
Co-authored-by: felickz <1760475+felickz@users.noreply.github.com >
2026-02-02 15:15:27 +00:00
copilot-swe-agent[bot]
4f00d77f0c
Fix ESM compatibility for @actions packages v3/v9
...
- Remove unused deep import of Context from @actions/github/lib/context
- Update TypeScript config to compile to ES2022 modules instead of CommonJS
- This fixes build failures with @actions/core v3 and @actions/github v9
Co-authored-by: felickz <1760475+felickz@users.noreply.github.com >
2026-02-02 15:14:37 +00:00
copilot-swe-agent[bot]
1a454445fe
Initial plan
2026-02-02 15:10:06 +00:00
dependabot[bot]
cf04b7bb63
Bump the npm-dependencies group with 4 updates
...
Bumps the npm-dependencies group with 4 updates: [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core ), [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github ), [tar](https://github.com/isaacs/node-tar ) and [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ).
Updates `@actions/core` from 2.0.2 to 3.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core )
Updates `@actions/github` from 7.0.0 to 9.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github )
Updates `tar` from 7.5.6 to 7.5.7
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.6...v7.5.7 )
Updates `@babel/preset-env` from 7.28.6 to 7.29.0
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.29.0/packages/babel-preset-env )
---
updated-dependencies:
- dependency-name: "@actions/core"
dependency-version: 3.0.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: npm-dependencies
- dependency-name: "@actions/github"
dependency-version: 9.0.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: npm-dependencies
- dependency-name: tar
dependency-version: 7.5.7
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: npm-dependencies
- dependency-name: "@babel/preset-env"
dependency-version: 7.29.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: npm-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-02-02 14:44:35 +00:00
Chad Bentz
d177d7847a
Update README to remove duplication and version change
...
fix formatting and typo
2026-01-29 15:20:14 -05:00
Chad Bentz
d041cfd4c5
Revise README for workflows and detector options
...
Updated example workflow section and added details about experimental and default-off detectors that are passed into detectorArgs as EnableIfDefaultOff
2026-01-29 15:17:59 -05:00
dependabot[bot]
f7f30e1366
Bump tar in /test in the npm_and_yarn group across 1 directory
...
Bumps the npm_and_yarn group with 1 update in the /test directory: [tar](https://github.com/isaacs/node-tar ).
Updates `tar` from 7.5.4 to 7.5.7
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.4...v7.5.7 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.7
dependency-type: direct:production
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-29 14:01:38 +00:00
Chad Bentz
8270e9ad5f
Merge pull request #158 from advanced-security/dependabot/npm_and_yarn/npm-dependencies-1c5b4d3897
...
Bump tar from 7.5.4 to 7.5.6 in the npm-dependencies group
2026-01-26 09:45:44 -05:00
dependabot[bot]
fe72234f00
Bump tar from 7.5.4 to 7.5.6 in the npm-dependencies group
...
Bumps the npm-dependencies group with 1 update: [tar](https://github.com/isaacs/node-tar ).
Updates `tar` from 7.5.4 to 7.5.6
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.4...v7.5.6 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.6
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: npm-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-26 14:23:35 +00:00
Chad Bentz
65d132c09c
Merge pull request #157 from advanced-security/dependabot/npm_and_yarn/test/nested/npm_and_yarn-f3562b46b9
...
Bump lodash from 4.17.21 to 4.17.23 in /test/nested in the npm_and_yarn group across 1 directory
2026-01-23 16:52:45 -05:00
dependabot[bot]
4407dda41e
Bump lodash in /test/nested in the npm_and_yarn group across 1 directory
...
Bumps the npm_and_yarn group with 1 update in the /test/nested directory: [lodash](https://github.com/lodash/lodash ).
Updates `lodash` from 4.17.21 to 4.17.23
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23 )
---
updated-dependencies:
- dependency-name: lodash
dependency-version: 4.17.23
dependency-type: direct:production
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-22 08:00:22 +00:00
Chad Bentz
79573619af
Merge pull request #156 from advanced-security/latest-version-readme
...
Update component detection action version to 0.1.1
2026-01-21 16:27:54 -05:00
Chad Bentz
32fc958bc4
Update component detection action version to 0.1.1
2026-01-21 16:27:04 -05:00
Chad Bentz
9c110eb34d
Merge pull request #155 from advanced-security/dependabot/npm_and_yarn/test/npm_and_yarn-a17bed1a3b
...
Bump tar from 7.5.3 to 7.5.4 in /test in the npm_and_yarn group across 1 directory
2026-01-21 16:20:23 -05:00
Chad Bentz
fe416ae93b
Merge pull request #154 from advanced-security/dependabot/npm_and_yarn/tar-7.5.4
...
Bump tar from 7.5.3 to 7.5.4
2026-01-21 16:20:12 -05:00
dependabot[bot]
1a936f4a73
Bump tar in /test in the npm_and_yarn group across 1 directory
...
Bumps the npm_and_yarn group with 1 update in the /test directory: [tar](https://github.com/isaacs/node-tar ).
Updates `tar` from 7.5.3 to 7.5.4
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.3...v7.5.4 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.4
dependency-type: direct:production
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-21 21:19:00 +00:00
dependabot[bot]
602785199a
Bump tar from 7.5.3 to 7.5.4
...
Bumps [tar](https://github.com/isaacs/node-tar ) from 7.5.3 to 7.5.4.
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.3...v7.5.4 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.4
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-21 21:18:44 +00:00
Chad Bentz
386aa5c154
Merge pull request #152 from advanced-security/dependabot/github_actions/actions-dependencies-b584cbb28a
...
Bump the actions-dependencies group with 2 updates
2026-01-19 12:15:31 -05:00
Chad Bentz
7422d90ed9
Merge pull request #153 from advanced-security/dependabot/npm_and_yarn/npm-dependencies-37dcccbec2
...
Bump @babel/preset-env from 7.28.5 to 7.28.6 in the npm-dependencies group
2026-01-19 12:13:28 -05:00
dependabot[bot]
026ce8b4fe
Bump @babel/preset-env in the npm-dependencies group
...
Bumps the npm-dependencies group with 1 update: [@babel/preset-env](https://github.com/babel/babel/tree/HEAD/packages/babel-preset-env ).
Updates `@babel/preset-env` from 7.28.5 to 7.28.6
- [Release notes](https://github.com/babel/babel/releases )
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md )
- [Commits](https://github.com/babel/babel/commits/v7.28.6/packages/babel-preset-env )
---
updated-dependencies:
- dependency-name: "@babel/preset-env"
dependency-version: 7.28.6
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-19 15:04:29 +00:00
dependabot[bot]
516a3ad139
Bump the actions-dependencies group with 2 updates
...
Bumps the actions-dependencies group with 2 updates: [actions/setup-node](https://github.com/actions/setup-node ) and [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Updates `actions/setup-node` from 6.0.0 to 6.2.0
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](https://github.com/actions/setup-node/compare/v6.0.0...v6.2.0 )
Updates `actions/upload-artifact` from 5 to 6
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/setup-node
dependency-version: 6.2.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions-dependencies
- dependency-name: actions/upload-artifact
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-19 15:04:00 +00:00
Chad Bentz
12d34de864
Merge pull request #151 from advanced-security/dependabot/npm_and_yarn/tar-7.5.3
...
Bump tar from 7.5.2 to 7.5.3
2026-01-16 16:50:29 -05:00
dependabot[bot]
489141f5b6
Bump tar from 7.5.2 to 7.5.3
...
Bumps [tar](https://github.com/isaacs/node-tar ) from 7.5.2 to 7.5.3.
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v7.5.2...v7.5.3 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.3
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-16 21:49:38 +00:00
Chad Bentz
ea95fe51c8
Merge pull request #150 from advanced-security/dependabot/npm_and_yarn/test/npm_and_yarn-bb754c2437
...
Bump tar from 6.2.1 to 7.5.3 in /test in the npm_and_yarn group across 1 directory
2026-01-16 16:48:32 -05:00
dependabot[bot]
c2b8a66dd5
Bump tar in /test in the npm_and_yarn group across 1 directory
...
Bumps the npm_and_yarn group with 1 update in the /test directory: [tar](https://github.com/isaacs/node-tar ).
Updates `tar` from 6.2.1 to 7.5.3
- [Release notes](https://github.com/isaacs/node-tar/releases )
- [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/isaacs/node-tar/compare/v6.2.1...v7.5.3 )
---
updated-dependencies:
- dependency-name: tar
dependency-version: 7.5.3
dependency-type: direct:production
dependency-group: npm_and_yarn
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-16 21:46:36 +00:00
Chad Bentz
bbaabfd2f9
Merge pull request #148 from advanced-security/dependabot/npm_and_yarn/npm-dependencies-a0793ff638
...
Bump the npm-dependencies group across 1 directory with 6 updates
2026-01-12 22:47:35 -05:00
Chad Bentz
130f5c0c4b
Merge pull request #149 from advanced-security/copilot/sub-pr-148
...
Fix build failure from deprecated @types/glob package
2026-01-12 14:00:24 -05:00
copilot-swe-agent[bot]
0307c61e06
Remove deprecated @types/glob and rebuild dist
...
Co-authored-by: felickz <1760475+felickz@users.noreply.github.com >
2026-01-12 17:34:22 +00:00
copilot-swe-agent[bot]
b73d1f638b
Initial plan
2026-01-12 17:31:08 +00:00
dependabot[bot]
c4dbaddd5a
Bump the npm-dependencies group across 1 directory with 6 updates
...
Bumps the npm-dependencies group with 6 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core ) | `1.11.1` | `2.0.2` |
| [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github ) | `6.0.1` | `7.0.0` |
| [yaml](https://github.com/eemeli/yaml ) | `2.8.1` | `2.8.2` |
| [@eslint/js](https://github.com/eslint/eslint/tree/HEAD/packages/js ) | `9.39.1` | `9.39.2` |
| [eslint](https://github.com/eslint/eslint ) | `9.39.1` | `9.39.2` |
| [ts-jest](https://github.com/kulshekhar/ts-jest ) | `29.4.5` | `29.4.6` |
Updates `@actions/core` from 1.11.1 to 2.0.2
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core )
Updates `@actions/github` from 6.0.1 to 7.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md )
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github )
Updates `yaml` from 2.8.1 to 2.8.2
- [Release notes](https://github.com/eemeli/yaml/releases )
- [Commits](https://github.com/eemeli/yaml/compare/v2.8.1...v2.8.2 )
Updates `@eslint/js` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases )
- [Commits](https://github.com/eslint/eslint/commits/v9.39.2/packages/js )
Updates `eslint` from 9.39.1 to 9.39.2
- [Release notes](https://github.com/eslint/eslint/releases )
- [Commits](https://github.com/eslint/eslint/compare/v9.39.1...v9.39.2 )
Updates `ts-jest` from 29.4.5 to 29.4.6
- [Release notes](https://github.com/kulshekhar/ts-jest/releases )
- [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md )
- [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.4.5...v29.4.6 )
---
updated-dependencies:
- dependency-name: "@actions/core"
dependency-version: 2.0.2
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: npm-dependencies
- dependency-name: "@actions/github"
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: npm-dependencies
- dependency-name: yaml
dependency-version: 2.8.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: npm-dependencies
- dependency-name: "@eslint/js"
dependency-version: 9.39.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm-dependencies
- dependency-name: eslint
dependency-version: 9.39.2
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm-dependencies
- dependency-name: ts-jest
dependency-version: 29.4.6
dependency-type: direct:development
update-type: version-update:semver-patch
dependency-group: npm-dependencies
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-01-12 16:28:09 +00:00