Aiqiao Yan
|
36d90eb54c
|
Merge pull request #2356 from actions/dependabot/npm_and_yarn/flatted-3.4.2
chore(deps-dev): bump flatted from 3.3.3 to 3.4.2
|
2026-04-21 12:59:58 -04:00 |
|
dependabot[bot]
|
3c424f0d63
|
chore(deps-dev): bump axios from 1.12.2 to 1.15.1
Bumps [axios](https://github.com/axios/axios) from 1.12.2 to 1.15.1.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.12.2...v1.15.1)
---
updated-dependencies:
- dependency-name: axios
dependency-version: 1.15.1
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-04-20 21:34:33 +00:00 |
|
dependabot[bot]
|
1f375f130a
|
chore(deps-dev): bump follow-redirects from 1.15.11 to 1.16.0
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.15.11 to 1.16.0.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.15.11...v1.16.0)
---
updated-dependencies:
- dependency-name: follow-redirects
dependency-version: 1.16.0
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-04-15 18:58:03 +00:00 |
|
dependabot[bot]
|
233d556477
|
chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2
Bumps [picomatch](https://github.com/micromatch/picomatch) from 2.3.1 to 2.3.2.
- [Release notes](https://github.com/micromatch/picomatch/releases)
- [Changelog](https://github.com/micromatch/picomatch/blob/master/CHANGELOG.md)
- [Commits](https://github.com/micromatch/picomatch/compare/2.3.1...2.3.2)
---
updated-dependencies:
- dependency-name: picomatch
dependency-version: 2.3.2
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-03-25 22:41:36 +00:00 |
|
dependabot[bot]
|
23cbecacad
|
chore(deps-dev): bump flatted from 3.3.3 to 3.4.2
Bumps [flatted](https://github.com/WebReflection/flatted) from 3.3.3 to 3.4.2.
- [Commits](https://github.com/WebReflection/flatted/compare/v3.3.3...v3.4.2)
---
updated-dependencies:
- dependency-name: flatted
dependency-version: 3.4.2
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-03-21 10:32:03 +00:00 |
|
Lokesh Gopu
|
b77f226465
|
Merge pull request #2249 from actions/fix/upgrade-octokit-dependencies
upgrade octokit dependencies
|
2026-01-22 14:46:12 -05:00 |
|
Lokesh Gopu
|
f61ae48376
|
upgrade octokit dependencies
|
2026-01-22 11:59:59 -05:00 |
|
dependabot[bot]
|
bd561a6765
|
chore(deps): bump lodash from 4.17.21 to 4.17.23
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.21 to 4.17.23.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.21...4.17.23)
---
updated-dependencies:
- dependency-name: lodash
dependency-version: 4.17.23
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2026-01-22 00:03:54 +00:00 |
|
Salman Muin Kayser Chishti
|
8883833d6d
|
chore: fix npm audit vulnerabilities (glob, js-yaml)
|
2025-12-08 21:14:00 +00:00 |
|
Salman Muin Kayser Chishti
|
88a490d2ce
|
override for node-fetch
|
2025-10-15 16:28:21 +01:00 |
|
Salman Muin Kayser Chishti
|
33a9b6c09c
|
update with dist updates
|
2025-10-15 16:22:51 +01:00 |
|
Salman Muin Kayser Chishti
|
7aea3e735f
|
changes
|
2025-09-08 15:37:51 +01:00 |
|
Salman Muin Kayser Chishti
|
011f07d1dc
|
package changes
|
2025-09-04 12:58:54 +01:00 |
|
Salman Muin Kayser Chishti
|
aa7077acfb
|
Override to fix npm audit stuff
|
2025-09-04 12:49:31 +01:00 |
|
Salman Muin Kayser Chishti
|
86207b5042
|
remove engines 24 reuqirement from toolkit and fix test
|
2025-09-04 12:41:43 +01:00 |
|
Salman Muin Kayser Chishti
|
f82db4c00b
|
audit fix
|
2025-08-08 12:26:34 +01:00 |
|
Salman Muin Kayser Chishti
|
ece2273b24
|
updates
|
2025-07-31 23:48:44 +01:00 |
|
Bassem Dghaidi
|
ab8110fa2f
|
Remove unecessary packages from top level package.json
|
2024-11-14 06:36:42 -08:00 |
|
Bassem Dghaidi
|
83baffc3f6
|
Package upgrades with security fixes
|
2024-11-14 03:34:32 -08:00 |
|
Bassem Dghaidi
|
70e5684b1f
|
Merge branch 'main' into neo-cache-service
|
2024-09-24 02:36:02 -07:00 |
|
Thomas Boop
|
48a65377c0
|
Fix HTTP client tests (#1792)
* fix tests and update dependencies
|
2024-08-15 16:53:06 -04:00 |
|
Rob Herley
|
56832696fc
|
npm audit fix
|
2024-07-03 17:03:40 +00:00 |
|
Bassem Dghaidi
|
264230c2c5
|
add debug
|
2024-05-23 09:04:37 -07:00 |
|
eggyhead
|
c01bc907ed
|
fixing https://github.com/advisories/GHSA-f5x3-32g6-xq36
|
2024-04-10 21:30:24 +00:00 |
|
Brian DeHamer
|
4ce4c767e2
|
npm audit fix
Signed-off-by: Brian DeHamer <bdehamer@github.com>
|
2024-03-22 12:44:24 -07:00 |
|
bethanyj28
|
b956d8a4dd
|
audit, lint, format
|
2024-02-22 17:55:53 -05:00 |
|
Vallie Joseph
|
d63a8c4d3f
|
updating package-json
|
2024-01-09 17:13:35 +00:00 |
|
Rob Herley
|
9e7201ff5b
|
audit fix
|
2023-11-20 16:51:13 +00:00 |
|
Rob Herley
|
8cd02dfabc
|
audit fix
|
2023-10-16 16:27:26 +00:00 |
|
Tatyana Kostromskaya
|
b2d5fa216f
|
update github package
|
2023-09-14 14:32:08 +00:00 |
|
Tatyana Kostromskaya
|
ce31408ff5
|
Update dependencies
|
2023-09-08 14:29:27 +00:00 |
|
Vallie Joseph
|
2461056696
|
Audit Fix (#1480)
* fixing audit failures
* replacing lerna bootstrap with npm command
* audit fix for cache and tool-cache
* updating tunnel
* upgrading core packages
* re-adding tunnel as prod dep
* updating dependencies
* updating exec deps
* updating exec io package
* .
* Revert
* updating packages
* adding core as dep
* updating learna config
* updating lerna commands
* Removing audit failing packages in cache + tool-cache
* updating contribution bootstrap description
* updating libraries
* prettier lint
* hiding stricter rules
* updating prettier command
* Removing unknown flag
* Adding eslint prettier
* ignoring sym links
* updating ignore path
* updating prettier rules
* changing prettier + github ver
* updating ts and ignores
* Revert ts
* Adding unknown ignores
* downgrading lerna
* .
* adding nx
* Adding lint auto lint rules
* updating eslint ignore for glob packages
* Adding subdirs to ignore
* adding flag for ignore pattern in linter
* Expanding ignore regex
* Adding ignore rules
* adding another ignore pattern to tsconfig eslint
* adding ignore pattern to eslintrc
* syncing package-json
* updating traverse
* .
* test adding core and http client to base package
* running npm ci
* adding tsconfig paths
* adding base URL
* Adding explicit path to core and http-client
* editing tsc call
* updating artifact packages
* force build
* updating lock file version
* updating lock file version
* upgrading node version
* Adding babel traverse back
* fixing build issue
* fixing typescript ver
* updating package json
* Adding ignore for artifact test
* adding ignore to flags
* unlink after test completes
* cleanup
* merge + package edit
|
2023-08-03 16:36:11 -04:00 |
|
dependabot[bot]
|
c6005c2a3c
|
Bump http-cache-semantics from 4.1.0 to 4.1.1
Bumps [http-cache-semantics](https://github.com/kornelski/http-cache-semantics) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/kornelski/http-cache-semantics/releases)
- [Commits](https://github.com/kornelski/http-cache-semantics/compare/v4.1.0...v4.1.1)
---
updated-dependencies:
- dependency-name: http-cache-semantics
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2023-02-03 04:52:15 +00:00 |
|
Ferenc Hammerl
|
4ea08312c6
|
Fix json5 vuln
|
2023-01-03 13:37:01 +01:00 |
|
Ferenc Hammerl
|
56c460630a
|
Fix audit
|
2022-12-14 01:27:55 +01:00 |
|
Ferenc Hammerl
|
c91bdbadbf
|
Update ts types to node16
|
2022-12-14 01:13:46 +01:00 |
|
Sankalp Kotewar
|
3fd7f664a6
|
Merge remote-tracking branch 'origin/main' into segment-download-timeout
|
2022-08-09 10:38:08 +00:00 |
|
Thomas Boop
|
30995490f2
|
Update lerna dependency. (#1149)
* fix audit
* update linter
|
2022-08-08 14:39:23 -04:00 |
|
Sankalp Kotewar
|
fe1ee8b6b4
|
Updated lerna to 5.3.0 due to audit reasons
|
2022-08-03 14:25:32 +00:00 |
|
Luke Tomlinson
|
d594f1e4b3
|
Fix npm audit (#1040)
|
2022-03-31 14:40:06 -04:00 |
|
Ashwin Sangem
|
58406447b5
|
Fixed toolkit audit by running npm audit fix.
|
2022-03-23 11:24:15 +00:00 |
|
Luke Tomlinson
|
6ce349e08c
|
Update High Severity Dev Dependencies (#923)
* Update deps
* More Updates
* Use npm 7
* Update package-lock.json
|
2021-10-14 09:20:09 -04:00 |
|
Thomas Boop
|
27f76dfe1a
|
Full release of actions/core 1.6.0 with oidc behavior (#919)
* OIDC Client for actions/core
Co-authored-by: Sourav Chanduka <souravchanduka37@gmail.com>
Co-authored-by: Sourav Chanduka <souravchanduka@users.noreply.github.com>
Co-authored-by: Tingluo Huang <tingluohuang@github.com>
|
2021-09-28 12:55:21 -04:00 |
|
Luke Tomlinson
|
ea81280a4d
|
Update release for core 1.5.0 (#873)
* Update release for core 1.5.0
* Update RELEASES.md
* Run npm audit fix
|
2021-08-18 09:26:19 -04:00 |
|
Brian Cristante
|
9167ce1f3a
|
Resolve vulnerabilities found by npm audit (#846)
|
2021-06-16 09:20:08 -04:00 |
|
dependabot[bot]
|
aa29345ae8
|
Bump ws from 7.2.3 to 7.4.6 (#823)
Bumps [ws](https://github.com/websockets/ws) from 7.2.3 to 7.4.6.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.2.3...7.4.6)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-06-01 09:50:25 -04:00 |
|
Thomas Boop
|
0d74e9080a
|
Re-enable the audit tools step and update dependencies (#815)
* update package versions
* run audit
* fix eslint config
* linter updates
* re-enable audit
* update timeouts test
* pass done into callback
* fix format
|
2021-05-21 09:19:40 -04:00 |
|
dependabot[bot]
|
1bafbed467
|
Bump lodash from 4.17.15 to 4.17.21 (#801)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.21)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-05-14 14:39:47 -04:00 |
|
dependabot[bot]
|
cac7db2d19
|
Bump handlebars from 4.5.3 to 4.7.7 (#799)
Bumps [handlebars](https://github.com/wycats/handlebars.js) from 4.5.3 to 4.7.7.
- [Release notes](https://github.com/wycats/handlebars.js/releases)
- [Changelog](https://github.com/handlebars-lang/handlebars.js/blob/master/release-notes.md)
- [Commits](https://github.com/wycats/handlebars.js/compare/v4.5.3...v4.7.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-05-07 16:37:28 -04:00 |
|
dependabot[bot]
|
fecf6cdd59
|
Bump hosted-git-info from 2.7.1 to 2.8.9 (#800)
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.7.1 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.9)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2021-05-07 14:17:30 -04:00 |
|