From e909aafdf5ad8001f1b35122f722bf4ecce296ee Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Sat, 8 Feb 2025 22:38:41 -0500 Subject: [PATCH 1/3] attest: update undici package to 5.25.5 Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- packages/attest/package-lock.json | 14 +++++++------- packages/attest/package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/packages/attest/package-lock.json b/packages/attest/package-lock.json index 11ad6b8e8e..05214ff14e 100644 --- a/packages/attest/package-lock.json +++ b/packages/attest/package-lock.json @@ -22,7 +22,7 @@ "@sigstore/rekor-types": "^3.0.0", "@types/jsonwebtoken": "^9.0.6", "nock": "^13.5.1", - "undici": "^5.28.4" + "undici": "^5.28.5" } }, "node_modules/@actions/core": { @@ -1657,9 +1657,9 @@ } }, "node_modules/undici": { - "version": "5.28.4", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz", - "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==", + "version": "5.28.5", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.5.tgz", + "integrity": "sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==", "dependencies": { "@fastify/busboy": "^2.0.0" }, @@ -3047,9 +3047,9 @@ "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==" }, "undici": { - "version": "5.28.4", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.4.tgz", - "integrity": "sha512-72RFADWFqKmUb2hmmvNODKL3p9hcB6Gt2DOQMis1SEBaV6a4MH8soBvzg+95CYhCKPFedut2JY9bMfrDl9D23g==", + "version": "5.28.5", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.5.tgz", + "integrity": "sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==", "requires": { "@fastify/busboy": "^2.0.0" } diff --git a/packages/attest/package.json b/packages/attest/package.json index 91b2f57a75..0112710260 100644 --- a/packages/attest/package.json +++ b/packages/attest/package.json @@ -39,7 +39,7 @@ "@sigstore/rekor-types": "^3.0.0", "@types/jsonwebtoken": "^9.0.6", "nock": "^13.5.1", - "undici": "^5.28.4" + "undici": "^5.28.5" }, "dependencies": { "@actions/core": "^1.11.1", From 781ff42c2574a516e312bc77f56689ffd97ff42d Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Sat, 8 Feb 2025 23:04:55 -0500 Subject: [PATCH 2/3] github: update @actions/http-client to pull in undici update Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- packages/github/package-lock.json | 26 +++++++++++++------------- packages/github/package.json | 4 ++-- 2 files changed, 15 insertions(+), 15 deletions(-) diff --git a/packages/github/package-lock.json b/packages/github/package-lock.json index a33f8b4113..4a5f985bc9 100644 --- a/packages/github/package-lock.json +++ b/packages/github/package-lock.json @@ -9,7 +9,7 @@ "version": "6.0.0", "license": "MIT", "dependencies": { - "@actions/http-client": "^2.2.0", + "@actions/http-client": "^2.2.3", "@octokit/core": "^5.0.1", "@octokit/plugin-paginate-rest": "^9.0.0", "@octokit/plugin-rest-endpoint-methods": "^10.0.0" @@ -19,9 +19,9 @@ } }, "node_modules/@actions/http-client": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.0.tgz", - "integrity": "sha512-q+epW0trjVUUHboliPb4UF9g2msf+w61b32tAkFEwL/IwP0DQWgbCMM0Hbe3e3WXSKz5VcUXbzJQgy8Hkra/Lg==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz", + "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==", "dependencies": { "tunnel": "^0.0.6", "undici": "^5.25.4" @@ -346,9 +346,9 @@ } }, "node_modules/undici": { - "version": "5.25.4", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.25.4.tgz", - "integrity": "sha512-450yJxT29qKMf3aoudzFpIciqpx6Pji3hEWaXqXmanbXF58LTAGCKxcJjxMXWu3iG+Mudgo3ZUfDB6YDFd/dAw==", + "version": "5.28.5", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.5.tgz", + "integrity": "sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==", "dependencies": { "@fastify/busboy": "^2.0.0" }, @@ -369,9 +369,9 @@ }, "dependencies": { "@actions/http-client": { - "version": "2.2.0", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.0.tgz", - "integrity": "sha512-q+epW0trjVUUHboliPb4UF9g2msf+w61b32tAkFEwL/IwP0DQWgbCMM0Hbe3e3WXSKz5VcUXbzJQgy8Hkra/Lg==", + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz", + "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==", "requires": { "tunnel": "^0.0.6", "undici": "^5.25.4" @@ -619,9 +619,9 @@ "integrity": "sha512-1h/Lnq9yajKY2PEbBadPXj3VxsDDu844OnaAo52UVmIzIvwwtBPIuNvkjuzBlTWpfJyUbG3ez0KSBibQkj4ojg==" }, "undici": { - "version": "5.25.4", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.25.4.tgz", - "integrity": "sha512-450yJxT29qKMf3aoudzFpIciqpx6Pji3hEWaXqXmanbXF58LTAGCKxcJjxMXWu3iG+Mudgo3ZUfDB6YDFd/dAw==", + "version": "5.28.5", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.28.5.tgz", + "integrity": "sha512-zICwjrDrcrUE0pyyJc1I2QzBkLM8FINsgOrt6WjA+BgajVq9Nxu2PbFFXUrAggLfDXlZGZBVZYw7WNV5KiBiBA==", "requires": { "@fastify/busboy": "^2.0.0" } diff --git a/packages/github/package.json b/packages/github/package.json index 20ae2302f5..0ce4a5f99e 100644 --- a/packages/github/package.json +++ b/packages/github/package.json @@ -38,7 +38,7 @@ "url": "https://github.com/actions/toolkit/issues" }, "dependencies": { - "@actions/http-client": "^2.2.0", + "@actions/http-client": "^2.2.3", "@octokit/core": "^5.0.1", "@octokit/plugin-paginate-rest": "^9.0.0", "@octokit/plugin-rest-endpoint-methods": "^10.0.0" @@ -46,4 +46,4 @@ "devDependencies": { "proxy": "^2.1.1" } -} \ No newline at end of file +} From 9d3bf02ad08ca6fb000efa9634603e9591e53c2d Mon Sep 17 00:00:00 2001 From: Josh Soref <2119212+jsoref@users.noreply.github.com> Date: Sat, 8 Feb 2025 23:05:19 -0500 Subject: [PATCH 3/3] update package-lock to fix cross-spawn complaint Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com> --- package-lock.json | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package-lock.json b/package-lock.json index b97deae9fa..07262b6d66 100644 --- a/package-lock.json +++ b/package-lock.json @@ -5938,9 +5938,9 @@ } }, "node_modules/cross-spawn": { - "version": "7.0.3", - "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.3.tgz", - "integrity": "sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w==", + "version": "7.0.6", + "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-7.0.6.tgz", + "integrity": "sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA==", "dev": true, "dependencies": { "path-key": "^3.1.0",