nna/npm-audit-action
3
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
251 Commits 1 Branch 2 Tags
c0f05feb6d59cdaf0bf9c0f9a13ba78afd49cc8e
Commit Graph

95 Commits

Author SHA1 Message Date
Naoki Oketani
e94b48fef5 Update @actions/github to v6.0.0 and @octokit/rest to v21.1.1 to fix vulnerabilities 2025-05-01 12:32:43 +00:00
Naoki Oketani
afc12b064d Fix vulnerabilities with npm audit fix 2025-05-01 12:20:32 +00:00
Naoki Oketani
414f093a36 Update to Node.js 20 compatibility 2025-05-01 12:05:25 +00:00
dependabot[bot]
c48cf2cdbc build(deps-dev): bump @babel/traverse from 7.20.5 to 7.23.2 
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.20.5 to 7.23.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-10-18 20:39:01 +00:00
Naoki Oketani
3a2f56f628 chore(deps-dev): bump @vercel/ncc from 0.36.1 to 0.38.0 2023-10-09 20:54:54 +09:00
Naoki Oketani
686b7f2a2a chore(deps-dev): bump prettier from 2.8.7 to 3.0.3 2023-10-09 19:03:31 +09:00
Naoki Oketani
eb61a543f7 chore(deps-dev): bump jest from 29.5.0 to 29.7.0 2023-10-09 18:45:59 +09:00
Naoki Oketani
7df42b1e71 chore(deps-dev): bump typescript from 4.9.4 to 5.2.2 2023-10-09 18:35:38 +09:00
snyk-bot
343e8eed29 fix: upgrade @actions/core from 1.10.0 to 1.10.1 
Snyk has created this PR to upgrade @actions/core from 1.10.0 to 1.10.1.

See this package in npm:
https://www.npmjs.com/package/@actions/core

See this project in Snyk:
https://app.snyk.io/org/oke-py/project/c6e7d31d-2862-4162-9c76-afc8027c13b3?utm_source=github&utm_medium=referral&page=upgrade-pr
 2023-10-09 10:56:09 +09:00
snyk-bot
96dbf7337a fix: upgrade @octokit/rest from 19.0.11 to 19.0.13 
Snyk has created this PR to upgrade @octokit/rest from 19.0.11 to 19.0.13.

See this package in npm:
https://www.npmjs.com/package/@octokit/rest

See this project in Snyk:
https://app.snyk.io/org/oke-py/project/c6e7d31d-2862-4162-9c76-afc8027c13b3?utm_source=github&utm_medium=referral&page=upgrade-pr
 2023-10-09 10:46:13 +09:00
Naoki Oketani
0cebbe6ab6 chore(deps-dev): bump graphql from 16.6.0 to 16.8.1 2023-10-09 01:31:57 +00:00
Naoki Oketani
2bf8d9f6cb chore(package): npm audit fix 2023-10-09 01:19:58 +00:00
dependabot[bot]
452c2b732b build(deps-dev): bump word-wrap from 1.2.3 to 1.2.4 
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4)

---
updated-dependencies:
- dependency-name: word-wrap
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-07-18 20:18:36 +00:00
snyk-bot
9759466e6a fix: upgrade @octokit/rest from 19.0.5 to 19.0.11 
Snyk has created this PR to upgrade @octokit/rest from 19.0.5 to 19.0.11.

See this package in npm:
https://www.npmjs.com/package/@octokit/rest

See this project in Snyk:
https://app.snyk.io/org/oke-py/project/c6e7d31d-2862-4162-9c76-afc8027c13b3?utm_source=github&utm_medium=referral&page=upgrade-pr
 2023-06-26 15:15:59 +00:00
Naoki Oketani
0cbdd1f2f3 refactor: replace axios call with octokit 2023-04-22 13:29:59 +00:00
Naoki Oketani
1d24a21f5b chore(package): bump prettier from 2.8.1 to 2.8.7 2023-04-22 03:44:36 +00:00
Naoki Oketani
e2b2b152f0 chore(package): bump @vercel/ncc from 0.36.0 to 0.36.1 2023-04-22 03:34:49 +00:00
Naoki Oketani
bc50f240cb chore(package): bump eslint from 8.30.0 to 8.38.0 2023-04-21 13:42:39 +00:00
Naoki Oketani
f04460c863 chore(package): bump jest from 29.3.1 to 29.5.0 2023-04-21 13:23:02 +00:00
Naoki Oketani
20a9df040b chore(package): bump json5 from 1.0.1 to 1.0.2 to fix CVE-2022-46175 2023-01-05 09:49:07 +09:00
oke-py
225a86c216 2.4.4 2023-01-02 02:46:08 +00:00
oke-py
e9f4193777 2.4.3 2023-01-02 02:27:47 +00:00
oke-py
24a371a262 2.4.2 2022-12-30 01:29:40 +00:00
Naoki Oketani
a40918918b chore(package): bump axios from 1.2.1 to 1.2.2 2022-12-30 10:16:38 +09:00
Naoki Oketani
086a272a06 chore(package): bump graphql from 16.5.0 to 16.6.0 2022-12-30 09:48:30 +09:00
Naoki Oketani
fb555ab6c0 chore(package): bump @vercel/ncc from 0.34.0 to 0.36.0 2022-12-30 09:45:26 +09:00
Naoki Oketani
c942dbff6c chore(package): bump prettier from 2.7.1 to 2.8.1 2022-12-30 09:42:12 +09:00
Naoki Oketani
f9bdcdef4d chore(package): bump @typescript-eslint/parser from 5.46.1 to 5.47.1 2022-12-30 09:38:44 +09:00
oke-py
808cdb44d5 2.4.1 2022-12-24 01:15:06 +00:00
Naoki Oketani
2d5d6a8bb4 chore(package): bump @octokit/rest from 18.12.0 to 19.0.5 2022-12-23 21:34:57 +09:00
Naoki Oketani
fdd783bbc7 chore(package): bump eslint from 8.19.0 to 8.30.0 2022-12-18 14:19:43 +09:00
Naoki Oketani
b3d30b2367 chore(package): bump jest from 27.2.5 to 29.3.1 2022-12-18 14:09:18 +09:00
Naoki Oketani
84a239a23d chore(package): bump @actions/github from 5.0.3 to 5.1.1 2022-12-11 16:13:15 +09:00
Naoki Oketani
25d0ce465a chore(package): bump axios from 0.27.2 to 1.2.1 2022-12-11 13:20:46 +09:00
Naoki Oketani
eb5e3041a4 chore(package): bump @typescript-eslint/parser from 5.30.5 to 5.46.0 2022-12-11 13:10:05 +09:00
Naoki Oketani
686d6554cd chore(package): bump @types/node from 16.11.43 to 18.11.13 2022-12-11 13:06:22 +09:00
Naoki Oketani
6302adc652 chore(package): bump typescript from 3.9.10 to 4.9.4 2022-12-11 13:06:14 +09:00
Naoki Oketani
a59f3e9eb1 release: 2.4.0 2022-12-10 22:32:38 +09:00
Naoki Oketani
c9382a0fb4 update @actions/core not to use deprecated commands 
https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/
 2022-12-10 21:53:13 +09:00
Snyk bot
317d6dc36c fix: package.json & package-lock.json to reduce vulnerabilities (#129) 
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-ACTIONSCORE-2980270
 2022-08-15 12:02:11 +09:00
Naoki Oketani
c2ee44bdb9 update dependencies (#126) 
* update dependencies

* update devDependencies
 2022-07-09 18:36:20 +09:00
Naoki Oketani
fb1ae3934f 2.3.0 2022-07-09 18:12:31 +09:00
Naoki Oketani
b3151e9e51 2.2.0 2022-05-12 07:45:34 +09:00
Naoki Oketani
c0410c237f Adds 'info', 'none' as a valid argument for audit-level (#120) 
* Adds 'info', 'none' as a valid argument for audit-level

* 2.1.0
 2022-04-12 08:19:34 +09:00
Naoki Oketani
e3662da326 Update default runtime to node16 (#118) 
* Update default runtime to node16

* update dependencies

* 2.0.0
 2022-03-26 15:31:24 +09:00
Naoki Oketani
6818f639a6 npm audit fix (#117) 2022-03-24 17:40:08 +09:00
Naoki Oketani
01882980c1 npm audit fix to fix CVE-2022-0536 (#111) 
* `npm audit fix` to fix CVE-2022-0536

* `npm run all` to apply the updates of dependencies
 2022-02-20 19:45:25 +09:00
Naoki Oketani
02cb9c4d3b fix CVE-2022-0235 (#108) 
* npm audit fix

* npm run all

* 1.8.4

* update README and daily action to use v1.8.4
 2022-01-25 12:30:57 +09:00
Naoki Oketani
8196a9cc90 Release v1.8.3 (#105) 
* 1.8.3

* update README and daily action to use v1.8.3
 2022-01-15 18:33:23 +09:00
Naoki Oketani
f03c7d976f fix CVE-2022-0155 (#104) 
* `npm audit fix` to fix CVE-2022-0155

* `npm run all` to apply the updates of dependencies
 2022-01-15 18:28:01 +09:00