snyk-bot
|
a362d76e50
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
|
2024-05-22 22:25:38 +01:00 |
|
snyk-bot
|
43fc97624b
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-LODASHSET-1320032
|
2024-05-22 22:06:47 +01:00 |
|
João Caracinha
|
c4a061bfc6
|
Revert "fix: package.json & package-lock.json to reduce vulnerabilities"
This reverts commit ea8764980a .
|
2024-05-22 21:43:18 +01:00 |
|
snyk-bot
|
ea8764980a
|
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-INFLIGHT-6095116
|
2024-05-22 21:41:49 +01:00 |
|
snyk-bot
|
fd5e29a88f
|
fix: upgrade fast-xml-parser from 4.3.2 to 4.3.4
Snyk has created this PR to upgrade fast-xml-parser from 4.3.2 to 4.3.4.
See this package in npm:
https://www.npmjs.com/package/fast-xml-parser
See this project in Snyk:
https://app.snyk.io/org/joaocaracinha/project/004786a0-a107-47e0-aebf-6f9e31651150?utm_source=github&utm_medium=referral&page=upgrade-pr
|
2024-02-22 21:28:16 +00:00 |
|
JoKacar
|
259af38cff
|
Revert "[Snyk] Upgrade @actions/glob from 0.3.0 to 0.4.0"
|
2024-02-21 18:44:08 +00:00 |
|
snyk-bot
|
78b830a7e6
|
fix: upgrade @actions/glob from 0.3.0 to 0.4.0
Snyk has created this PR to upgrade @actions/glob from 0.3.0 to 0.4.0.
See this package in npm:
https://www.npmjs.com/package/@actions/glob
See this project in Snyk:
https://app.snyk.io/org/joaocaracinha/project/004786a0-a107-47e0-aebf-6f9e31651150?utm_source=github&utm_medium=referral&page=upgrade-pr
|
2024-02-14 14:52:56 +00:00 |
|
snyk-bot
|
66996eacf5
|
fix: upgrade fast-xml-parser from 4.2.5 to 4.3.2
Snyk has created this PR to upgrade fast-xml-parser from 4.2.5 to 4.3.2.
See this package in npm:
https://www.npmjs.com/package/fast-xml-parser
See this project in Snyk:
https://app.snyk.io/org/joaocaracinha/project/004786a0-a107-47e0-aebf-6f9e31651150?utm_source=github&utm_medium=referral&page=upgrade-pr
|
2024-01-30 20:35:34 +00:00 |
|
Dmitry Shibanov
|
2216f56ae1
|
Update semver (#468)
|
2023-09-27 13:21:23 +02:00 |
|
dependabot[bot]
|
4dba25fa31
|
Bump word-wrap from 1.2.3 to 1.2.4 (#444)
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4.
- [Release notes](https://github.com/jonschlinkert/word-wrap/releases)
- [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4)
---
updated-dependencies:
- dependency-name: word-wrap
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2023-07-27 13:49:28 +02:00 |
|
dependabot[bot]
|
ada8800330
|
Bump semver from 6.3.0 to 6.3.1 (#443)
|
2023-07-18 15:41:43 +02:00 |
|
Ivan
|
e1749123a8
|
Update dependencies (#440)
* chore: update version of the fast-xml-parser
* chore: update tough-cookie and @azure/ms-rest-js
* chore: update license for the @azure/ms-rest-js
|
2023-07-10 17:20:56 +02:00 |
|
Ivan
|
a6be55a915
|
Update fast-xml-parser and dotnet installer scripts (#437)
* chore: update fast-xlm-parser and dotnet installer scripts
* chore: update license for the fast-xml-parser
|
2023-06-23 09:47:16 +02:00 |
|
Nikolai Laevskii
|
d1c99df34e
|
Parse global.json with JSON5
|
2023-05-31 12:27:52 +02:00 |
|
Nogic
|
3447fd6a9f
|
feat: Cache NuGet global-packages folder (#303)
* feat: cache NuGet global-packages folder
* fix: remove unused files
* docs: fix incorrect action
* ci: add e2e test for cache
* docs: accept suggested changes on README
* docs: add simple cache example
* build: change main script path
* fix: change relative path to install scripts
* fix: change relative path to problem matcher
* refactor: accept changes on cache-utils
* fix: revert main script path changes
* test: fix cache-utils unit test
* test: fix cache-utils unit test
* feat: add `cache-dependency-path` variables
* build: change main script dist path
* ci: add `cache-dependency-path` e2e test & missing lock file
* fix: accept change suggestions
* ci: copy NuGet lock file to root
to pass "test-setup-with-cache" e2e test
* docs: change README guide
* fix: apply suggestions from code review
Co-authored-by: Ivan <98037481+IvanZosimov@users.noreply.github.com>
* test: fix some failed unit tests
- fix `restoreCache()` test for 9703c8
- update installer script
* build: rebuild dist
* Update unit-tests
- Additional unit test were added to setup-dotnet.test.ts
* Update unit tests for unix systems
* Format and lint unit tests
* fix: avoid use '/' on `path.join`
* fix: rebuild dist
* fix: apply suggestions from code review
Co-authored-by: Ivan <98037481+IvanZosimov@users.noreply.github.com>
* build: add `DisableImplicitNuGetFallbackFolder` option
also add guide on README
* docs: highlight warnings and notes
* docs: update note about handling NU1403
---------
Co-authored-by: Ivan <98037481+IvanZosimov@users.noreply.github.com>
Co-authored-by: IvanZosimov <ivanzosimov@github.com>
|
2023-05-29 12:43:18 +02:00 |
|
Nikolai Laevskii
|
1ad2e312fa
|
Add missing dependency
|
2023-05-25 13:40:06 +02:00 |
|
Nikolai Laevskii
|
e3f84b8f7a
|
Install eslint-plugin-node
|
2023-05-25 13:38:43 +02:00 |
|
Ivan
|
c82240598b
|
Add and configure ESLint and update configuration for Prettier (#391)
* Apply ESLint config and update Prettier
* Update dependencies and rebuild
* Update docs
|
2023-03-09 14:43:05 +02:00 |
|
dependabot[bot]
|
ae8edb8fff
|
Bump json5 from 2.1.3 to 2.2.3 (#365)
Bumps [json5](https://github.com/json5/json5) from 2.1.3 to 2.2.3.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v2.1.3...v2.2.3)
---
updated-dependencies:
- dependency-name: json5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2023-01-06 17:20:11 +01:00 |
|
dependabot[bot]
|
c5d2f92cae
|
Bump minimatch from 3.0.4 to 3.1.2 (#347)
|
2022-11-18 15:49:29 +01:00 |
|
Evgenii Korolevskii
|
239baf3c5b
|
Merge branch 'main' into refactor-nuget-cfg-parse
|
2022-10-13 16:34:35 +02:00 |
|
Ivan
|
4d4a70f4a5
|
Add logic for processing DOTNET_INSTALL_DIR environment variable (#332)
|
2022-10-10 14:27:29 +02:00 |
|
Francesco Renzi
|
9260643816
|
Update @actions/core to 1.10.0
|
2022-10-06 12:05:06 +01:00 |
|
Ivan
|
45c9f236cf
|
Enable ability to change .NET SDK installation directory by DOTNET_INSTALL_DIR environment variable (#329)
|
2022-10-04 10:22:05 +02:00 |
|
Evgenii Korolevskii
|
354d280fa3
|
refactor using of XMLBuilder
|
2022-09-30 01:54:05 +02:00 |
|
Evgenii Korolevskii
|
90642fa8c5
|
update parser to v4
|
2022-09-29 18:23:42 +02:00 |
|
Ivan
|
0705ef0281
|
Implement proposal stated in ADR for setup-dotnet v3 and functionality from feature request #219 (#315)
|
2022-09-27 14:47:12 +02:00 |
|
panticmilos
|
df51eabf53
|
Update package lock version
|
2022-09-05 13:18:26 +02:00 |
|
Nogic
|
d26ead4cf0
|
chore(deps-dev): migrate husky config to v8
Follow: https://github.com/typicode/husky-4-to-8
- npm install husky --save-dev
- npx husky-init
- npm exec -- github:typicode/husky-4-to-8 --remove-v4-config
|
2022-07-29 07:17:54 +00:00 |
|
Dmitry Shibanov
|
5cc895510b
|
Update @zeit/ncc to @vercel/ncc (#290)
* update @zeit/ncc to @vercel/ncc
* rebuild project
|
2022-04-28 11:37:53 +02:00 |
|
Vladimir Safonkin
|
fcf565ec50
|
Update vulnerable packages
|
2022-04-21 11:17:56 +02:00 |
|
Vladimir Safonkin
|
9744af7b74
|
Update dependencies
|
2022-02-24 18:04:55 +03:00 |
|
Vladimir Safonkin
|
d292011f5d
|
Update node version to v16
|
2022-02-24 11:16:01 +03:00 |
|
La'Kaleigh Harris
|
550702114f
|
Support multiple versions in single invocation (#240)
|
2021-11-23 13:03:56 +03:00 |
|
Vladimir Safonkin
|
463326422f
|
Update jest
|
2021-10-13 16:35:23 +03:00 |
|
Vladimir Safonkin
|
547d075822
|
Revert jest version
|
2021-10-13 14:58:41 +03:00 |
|
Vladimir Safonkin
|
fc9265379f
|
Update deps with force
|
2021-10-13 14:50:32 +03:00 |
|
Vladimir Safonkin
|
8ca0cf75a1
|
Update dependencies
|
2021-10-13 14:20:02 +03:00 |
|
dependabot[bot]
|
af0ed6536b
|
Bump tmpl from 1.0.4 to 1.0.5
Bumps [tmpl](https://github.com/daaku/nodejs-tmpl) from 1.0.4 to 1.0.5.
- [Release notes](https://github.com/daaku/nodejs-tmpl/releases)
- [Commits](https://github.com/daaku/nodejs-tmpl/commits/v1.0.5)
---
updated-dependencies:
- dependency-name: tmpl
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-10-13 07:14:28 +00:00 |
|
dependabot[bot]
|
26be14c4e1
|
Bump path-parse from 1.0.6 to 1.0.7
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)
---
updated-dependencies:
- dependency-name: path-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-08-11 08:44:30 +00:00 |
|
Vladimir Safonkin
|
9647326bcf
|
Merge pull request #212 from actions/dependabot/npm_and_yarn/ws-7.5.0
Bump ws from 7.3.1 to 7.5.0
|
2021-06-28 11:40:18 +03:00 |
|
Vladimir Safonkin
|
f720d14d91
|
Merge pull request #198 from actions/dependabot/npm_and_yarn/hosted-git-info-2.8.9
Bump hosted-git-info from 2.8.8 to 2.8.9
|
2021-06-28 11:14:17 +03:00 |
|
dependabot[bot]
|
634914df32
|
Bump lodash from 4.17.20 to 4.17.21
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.20 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.20...4.17.21)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-06-28 07:44:45 +00:00 |
|
dependabot[bot]
|
4fc55d8fdb
|
Bump ws from 7.3.1 to 7.5.0
Bumps [ws](https://github.com/websockets/ws) from 7.3.1 to 7.5.0.
- [Release notes](https://github.com/websockets/ws/releases)
- [Commits](https://github.com/websockets/ws/compare/7.3.1...7.5.0)
---
updated-dependencies:
- dependency-name: ws
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-06-28 07:44:32 +00:00 |
|
Vladimir Safonkin
|
b25fa305a3
|
Merge remote-tracking branch 'upstream/main' into dependabot/npm_and_yarn/node-notifier-8.0.1
|
2021-06-28 10:29:43 +03:00 |
|
dependabot[bot]
|
5b0ff19756
|
Bump hosted-git-info from 2.8.8 to 2.8.9
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.8 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.8...v2.8.9)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-05-11 01:09:33 +00:00 |
|
dependabot[bot]
|
8dcf1ee9bc
|
Bump y18n from 4.0.0 to 4.0.1
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)
Signed-off-by: dependabot[bot] <support@github.com>
|
2021-03-30 22:18:10 +00:00 |
|
dependabot[bot]
|
9fdd50a4bb
|
Bump node-notifier from 8.0.0 to 8.0.1
Bumps [node-notifier](https://github.com/mikaelbr/node-notifier) from 8.0.0 to 8.0.1.
- [Release notes](https://github.com/mikaelbr/node-notifier/releases)
- [Changelog](https://github.com/mikaelbr/node-notifier/blob/v8.0.1/CHANGELOG.md)
- [Commits](https://github.com/mikaelbr/node-notifier/compare/v8.0.0...v8.0.1)
Signed-off-by: dependabot[bot] <support@github.com>
|
2020-12-22 08:02:59 +00:00 |
|
Thomas Boop
|
51f68377c1
|
Update @actions/core Version and move towards uses environment files to talk to runner (#135)
* update toolkit version
* update licensed
* fix typo
|
2020-09-29 08:12:29 -07:00 |
|
dependabot[bot]
|
9d7c66c348
|
Bump node-fetch from 2.6.0 to 2.6.1 (#127)
* Bump node-fetch from 2.6.0 to 2.6.1
Bumps [node-fetch](https://github.com/bitinn/node-fetch) from 2.6.0 to 2.6.1.
- [Release notes](https://github.com/bitinn/node-fetch/releases)
- [Changelog](https://github.com/node-fetch/node-fetch/blob/master/docs/CHANGELOG.md)
- [Commits](https://github.com/bitinn/node-fetch/compare/v2.6.0...v2.6.1)
Signed-off-by: dependabot[bot] <support@github.com>
* Package and index update
* Formatting on installer.test
* Updated licenses
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zachary Eisinger <zeisinger@github.com>
|
2020-09-21 12:49:32 -07:00 |
|