From 1dd4a7ac12f9c74900abfb01b6f676dcda238411 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 7 Jul 2024 18:43:19 +0000 Subject: [PATCH] fix: upgrade @actions/http-client from 2.1.0 to 2.2.1 Snyk has created this PR to upgrade @actions/http-client from 2.1.0 to 2.2.1. See this package in npm: @actions/http-client See this project in Snyk: https://app.snyk.io/org/rizwan-r-r/project/9564a0d6-8e23-4a32-8c7d-570c91737959?utm_source=github&utm_medium=referral&page=upgrade-pr --- packages/tool-cache/package-lock.json | 55 ++++++++++++++++++++++----- packages/tool-cache/package.json | 2 +- 2 files changed, 47 insertions(+), 10 deletions(-) diff --git a/packages/tool-cache/package-lock.json b/packages/tool-cache/package-lock.json index 7a63bd3a..0464f51f 100644 --- a/packages/tool-cache/package-lock.json +++ b/packages/tool-cache/package-lock.json @@ -11,7 +11,7 @@ "dependencies": { "@actions/core": "^1.2.6", "@actions/exec": "^1.0.0", - "@actions/http-client": "^2.0.1", + "@actions/http-client": "^2.2.1", "@actions/io": "^1.1.1", "semver": "^7.6.2", "uuid": "^3.3.2" @@ -49,11 +49,13 @@ } }, "node_modules/@actions/http-client": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.1.0.tgz", - "integrity": "sha512-BonhODnXr3amchh4qkmjPMUO8mFi/zLaaCeCAJZqch8iQqyDnVIkySjB38VHAC8IJ+bnlgfOqlhpyCUZHlQsqw==", + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.1.tgz", + "integrity": "sha512-KhC/cZsq7f8I4LfZSJKgCvEwfkE8o1538VoBeoGzokVLLnbFDEAdFD3UhoMklxo2un9NJVBdANOresx7vTHlHw==", + "license": "MIT", "dependencies": { - "tunnel": "^0.0.6" + "tunnel": "^0.0.6", + "undici": "^5.25.4" } }, "node_modules/@actions/io": { @@ -61,6 +63,15 @@ "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz", "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==" }, + "node_modules/@fastify/busboy": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/@fastify/busboy/-/busboy-2.1.1.tgz", + "integrity": "sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==", + "license": "MIT", + "engines": { + "node": ">=14" + } + }, "node_modules/@types/nock": { "version": "11.1.0", "resolved": "https://registry.npmjs.org/@types/nock/-/nock-11.1.0.tgz", @@ -171,6 +182,18 @@ "node": ">=0.6.11 <=0.7.0 || >=0.7.3" } }, + "node_modules/undici": { + "version": "5.28.4", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz", + "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==", + "license": "MIT", + "dependencies": { + "@fastify/busboy": "^2.0.0" + }, + "engines": { + "node": ">=14.0" + } + }, "node_modules/uuid": { "version": "3.3.2", "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", @@ -207,11 +230,12 @@ } }, "@actions/http-client": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.1.0.tgz", - "integrity": "sha512-BonhODnXr3amchh4qkmjPMUO8mFi/zLaaCeCAJZqch8iQqyDnVIkySjB38VHAC8IJ+bnlgfOqlhpyCUZHlQsqw==", + "version": "2.2.1", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.1.tgz", + "integrity": "sha512-KhC/cZsq7f8I4LfZSJKgCvEwfkE8o1538VoBeoGzokVLLnbFDEAdFD3UhoMklxo2un9NJVBdANOresx7vTHlHw==", "requires": { - "tunnel": "^0.0.6" + "tunnel": "^0.0.6", + "undici": "^5.25.4" } }, "@actions/io": { @@ -219,6 +243,11 @@ "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz", "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q==" }, + "@fastify/busboy": { + "version": "2.1.1", + "resolved": "https://registry.npmjs.org/@fastify/busboy/-/busboy-2.1.1.tgz", + "integrity": "sha512-vBZP4NlzfOlerQTnba4aqZoMhE/a9HY7HRqoOPaETQcSQuWEIyZMHGfVu6w9wGtGK5fED5qRs2DteVCjOH60sA==" + }, "@types/nock": { "version": "11.1.0", "resolved": "https://registry.npmjs.org/@types/nock/-/nock-11.1.0.tgz", @@ -304,6 +333,14 @@ "resolved": "https://registry.npmjs.org/tunnel/-/tunnel-0.0.6.tgz", "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==" }, + "undici": { + "version": "5.28.4", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz", + "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==", + "requires": { + "@fastify/busboy": "^2.0.0" + } + }, "uuid": { "version": "3.3.2", "resolved": "https://registry.npmjs.org/uuid/-/uuid-3.3.2.tgz", diff --git a/packages/tool-cache/package.json b/packages/tool-cache/package.json index a102c8e5..493e3fce 100644 --- a/packages/tool-cache/package.json +++ b/packages/tool-cache/package.json @@ -38,7 +38,7 @@ "dependencies": { "@actions/core": "^1.2.6", "@actions/exec": "^1.0.0", - "@actions/http-client": "^2.0.1", + "@actions/http-client": "^2.2.1", "@actions/io": "^1.1.1", "semver": "^7.6.2", "uuid": "^3.3.2"