From 317d6dc36c79fc616d23608d1e1bdeb98f5b199f Mon Sep 17 00:00:00 2001 From: Snyk bot Date: Mon, 15 Aug 2022 04:02:11 +0100 Subject: [PATCH] fix: package.json & package-lock.json to reduce vulnerabilities (#129) The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ACTIONSCORE-2980270 --- package-lock.json | 33 ++++++++++++++++++++++++--------- package.json | 2 +- 2 files changed, 25 insertions(+), 10 deletions(-) diff --git a/package-lock.json b/package-lock.json index 5efd855..9ce3dc7 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,7 +9,7 @@ "version": "2.3.0", "license": "MIT", "dependencies": { - "@actions/core": "^1.9.0", + "@actions/core": "^1.9.1", "@actions/github": "^5.0.3", "@octokit/rest": "^18.12.0", "axios": "^0.27.2", @@ -33,11 +33,12 @@ } }, "node_modules/@actions/core": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.0.tgz", - "integrity": "sha512-5pbM693Ih59ZdUhgk+fts+bUWTnIdHV3kwOSr+QIoFHMLg7Gzhwm0cifDY/AG68ekEJAkHnQVpcy4f6GjmzBCA==", + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz", + "integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==", "dependencies": { - "@actions/http-client": "^2.0.1" + "@actions/http-client": "^2.0.1", + "uuid": "^8.3.2" } }, "node_modules/@actions/github": { @@ -6167,6 +6168,14 @@ "punycode": "^2.1.0" } }, + "node_modules/uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==", + "bin": { + "uuid": "dist/bin/uuid" + } + }, "node_modules/v8-compile-cache": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.3.0.tgz", @@ -6416,11 +6425,12 @@ }, "dependencies": { "@actions/core": { - "version": "1.9.0", - "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.0.tgz", - "integrity": "sha512-5pbM693Ih59ZdUhgk+fts+bUWTnIdHV3kwOSr+QIoFHMLg7Gzhwm0cifDY/AG68ekEJAkHnQVpcy4f6GjmzBCA==", + "version": "1.9.1", + "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.9.1.tgz", + "integrity": "sha512-5ad+U2YGrmmiw6du20AQW5XuWo7UKN2052FjSV7MX+Wfjf8sCqcsZe62NfgHys4QI4/Y+vQvLKYL8jWtA1ZBTA==", "requires": { - "@actions/http-client": "^2.0.1" + "@actions/http-client": "^2.0.1", + "uuid": "^8.3.2" } }, "@actions/github": { @@ -11013,6 +11023,11 @@ "punycode": "^2.1.0" } }, + "uuid": { + "version": "8.3.2", + "resolved": "https://registry.npmjs.org/uuid/-/uuid-8.3.2.tgz", + "integrity": "sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==" + }, "v8-compile-cache": { "version": "2.3.0", "resolved": "https://registry.npmjs.org/v8-compile-cache/-/v8-compile-cache-2.3.0.tgz", diff --git a/package.json b/package.json index 8bbd6fd..221f96f 100644 --- a/package.json +++ b/package.json @@ -26,7 +26,7 @@ "author": "Naoki Oketani ", "license": "MIT", "dependencies": { - "@actions/core": "^1.9.0", + "@actions/core": "^1.9.1", "@actions/github": "^5.0.3", "@octokit/rest": "^18.12.0", "axios": "^0.27.2",