[pull] main from actions:main by pull[bot] · Pull Request #10 · threatcode/actions

pull · 2024-01-28T18:50:45Z

See Commits and Changes for more details.

Created by pull[bot] (v2.0.0-alpha.4)

Can you help keep this open source service alive? 💖 Please sponsor : )

Prepare cache `v4.1.0` release

…failure

…-cache Dependabot: add support for `/packages/artifact` and `/packages/cache`

Bumps the artifact-minor-patch group in /packages/artifact with 5 updates: | Package | From | To | | --- | --- | --- | | [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) | `1.10.0` | `1.11.1` | | [@azure/storage-blob](https://github.com/Azure/azure-sdk-for-js) | `12.15.0` | `12.28.0` | | [@protobuf-ts/plugin](https://github.com/timostamm/protobuf-ts/tree/HEAD/packages/plugin) | `2.9.1` | `2.11.1` | | [typedoc](https://github.com/TypeStrong/TypeDoc) | `0.25.4` | `0.28.13` | | [typescript](https://github.com/microsoft/TypeScript) | `5.2.2` | `5.9.2` | Updates `@actions/core` from 1.10.0 to 1.11.1 - [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core) Updates `@azure/storage-blob` from 12.15.0 to 12.28.0 - [Release notes](https://github.com/Azure/azure-sdk-for-js/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-js/blob/main/documentation/Changelog-for-next-generation.md) - [Commits](https://github.com/Azure/azure-sdk-for-js/compare/@azure/storage-blob_12.15.0...@azure/storage-blob_12.28.0) Updates `@protobuf-ts/plugin` from 2.9.1 to 2.11.1 - [Release notes](https://github.com/timostamm/protobuf-ts/releases) - [Commits](https://github.com/timostamm/protobuf-ts/commits/v2.11.1/packages/plugin) Updates `typedoc` from 0.25.4 to 0.28.13 - [Release notes](https://github.com/TypeStrong/TypeDoc/releases) - [Changelog](https://github.com/TypeStrong/typedoc/blob/master/CHANGELOG.md) - [Commits](TypeStrong/typedoc@v0.25.4...v0.28.13) Updates `typescript` from 5.2.2 to 5.9.2 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release-publish.yml) - [Commits](microsoft/TypeScript@v5.2.2...v5.9.2) --- updated-dependencies: - dependency-name: "@actions/core" dependency-version: 1.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: artifact-minor-patch - dependency-name: "@azure/storage-blob" dependency-version: 12.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: artifact-minor-patch - dependency-name: "@protobuf-ts/plugin" dependency-version: 2.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: artifact-minor-patch - dependency-name: typedoc dependency-version: 0.28.13 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: artifact-minor-patch - dependency-name: typescript dependency-version: 5.9.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: artifact-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>

…e whole module

…s/artifact/artifact-minor-patch-612b72ffd4 Bump the artifact-minor-patch group in /packages/artifact with 5 updates

[ARTIFACT] Reject download promise if timeout was reached

…meout Test: add a timeout test for downloading chunks from the stream

Bumps the artifact-minor-patch group in /packages/artifact with 5 updates: | Package | From | To | | --- | --- | --- | | [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) | `1.10.0` | `1.11.1` | | [@azure/storage-blob](https://github.com/Azure/azure-sdk-for-js) | `12.15.0` | `12.28.0` | | [@protobuf-ts/plugin](https://github.com/timostamm/protobuf-ts/tree/HEAD/packages/plugin) | `2.9.1` | `2.11.1` | | [typedoc](https://github.com/TypeStrong/TypeDoc) | `0.25.4` | `0.28.13` | | [typescript](https://github.com/microsoft/TypeScript) | `5.2.2` | `5.9.2` | Updates `@actions/core` from 1.10.0 to 1.11.1 - [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core) Updates `@azure/storage-blob` from 12.15.0 to 12.28.0 - [Release notes](https://github.com/Azure/azure-sdk-for-js/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-js/blob/main/documentation/Changelog-for-next-generation.md) - [Commits](https://github.com/Azure/azure-sdk-for-js/compare/@azure/storage-blob_12.15.0...@azure/storage-blob_12.28.0) Updates `@protobuf-ts/plugin` from 2.9.1 to 2.11.1 - [Release notes](https://github.com/timostamm/protobuf-ts/releases) - [Commits](https://github.com/timostamm/protobuf-ts/commits/v2.11.1/packages/plugin) Updates `typedoc` from 0.25.4 to 0.28.13 - [Release notes](https://github.com/TypeStrong/TypeDoc/releases) - [Changelog](https://github.com/TypeStrong/typedoc/blob/master/CHANGELOG.md) - [Commits](TypeStrong/typedoc@v0.25.4...v0.28.13) Updates `typescript` from 5.2.2 to 5.9.2 - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release-publish.yml) - [Commits](microsoft/TypeScript@v5.2.2...v5.9.2) --- updated-dependencies: - dependency-name: "@actions/core" dependency-version: 1.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: artifact-minor-patch - dependency-name: "@azure/storage-blob" dependency-version: 12.28.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: artifact-minor-patch - dependency-name: "@protobuf-ts/plugin" dependency-version: 2.11.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: artifact-minor-patch - dependency-name: typedoc dependency-version: 0.28.13 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: artifact-minor-patch - dependency-name: typescript dependency-version: 5.9.2 dependency-type: direct:development update-type: version-update:semver-minor dependency-group: artifact-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com>

ESM-only with updated @octokit dependencies

* `@actions/artifact`: convert to an ESM module * Update the package-lock.json * Undo the GHES ignores * Fix the reference to `@actions/http-client` in the lock file * Bump `@actions/core` to `3.0.0` * Remove `jest.config.cjs` * Import `OctoKitOptions` from `@octokit/core/types` * Pull the package version from `package.json` * Workaround getting the package version for the user-agent * Fix the `archiver` import * Fix linting

* `@actions/glob`: convert to an ESM module * Update packages/glob/RELEASES.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

* `@actions/tool-cache`: convert to an ESM module * Fix jest config * Downgrade `nock` since it's conflicting with `@actions/attest`'s version

* `@actions/cache`: convert to an ESM module * Update the fixture to ESM syntax * Update the cache workflows * Bump `@actions/glob` to `0.6.1` * Fix awaiting in the cache unit tests * Fix a type issues in contracts * Export the `DownloadOptions`/`UploadOptions` like before * More cache test fixes * Make the cache units tests better * Add some more logging * Add retries to restore-cache.mjs

Bumps [tar](https://github.com/isaacs/node-tar) from 7.5.6 to 7.5.7. - [Release notes](https://github.com/isaacs/node-tar/releases) - [Changelog](https://github.com/isaacs/node-tar/blob/main/CHANGELOG.md) - [Commits](isaacs/node-tar@v7.5.6...v7.5.7) --- updated-dependencies: - dependency-name: tar dependency-version: 7.5.7 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>

…s/attest/tar-7.5.7 chore(deps): bump tar from 7.5.6 to 7.5.7 in /packages/attest

* Download artifact: don't extract the downloaded file if the content-type isn't a zip * Remove unused `import` * Add support for specifying whether to skip decompressing * Prevent path traversal attacks * Fix indenting * Update packages/artifact/__tests__/download-artifact.test.ts Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Parse the mime type out of the content-type header Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * Fix some linting issues * Swap `zip` for `application/zip-compressed` * Test: negative check for malicious paths * Increase the timeout on one of the tests * Check the URL path for `.zip` to see if we can auto-decompress * Fix linting issue * Bump the package version and add release notes * Remove `launch.json` --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

Bumps [fast-xml-parser](https://github.com/NaturalIntelligence/fast-xml-parser) from 5.3.3 to 5.3.4. - [Release notes](https://github.com/NaturalIntelligence/fast-xml-parser/releases) - [Changelog](https://github.com/NaturalIntelligence/fast-xml-parser/blob/master/CHANGELOG.md) - [Commits](NaturalIntelligence/fast-xml-parser@v5.3.3...v5.3.4) --- updated-dependencies: - dependency-name: fast-xml-parser dependency-version: 5.3.4 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

pull bot added ⤵️ pull merge-conflict Resolve conflicts manually labels Jan 28, 2024

salmanmkc and others added 28 commits September 8, 2025 15:36

http

b1eb18b

changes

7aea3e7

Prepapre cache v4.1.0 release

9a41b33

Merge pull request #2132 from actions/Link-/cache-4.1.0

3898ed7

Prepare cache `v4.1.0` release

Merge remote-tracking branch 'upstream/main' into reject-on-download-…

8c6c662

…failure

use error in both reject and destroy

7c689a5

Dependabot: add support for /packages/artifact and `/packages/cache

7da95b1

Update the group names

1ea77a8

Merge pull request #2134 from actions/danwkennedy/dependabot-artifact…

8e146e1

…-cache Dependabot: add support for `/packages/artifact` and `/packages/cache`

Take a direct dependency on @azure/core-http

ca8a35d

fix: only mock the cpus() function on the os module instead of th…

1db3130

…e whole module

Merge pull request #2136 from actions/dependabot/npm_and_yarn/package…

f2ba502

…s/artifact/artifact-minor-patch-612b72ffd4 Bump the artifact-minor-patch group in /packages/artifact with 5 updates

lint

8444236

Merge pull request #2124 from akashchi/reject-on-download-failure

714f93a

[ARTIFACT] Reject download promise if timeout was reached

Test: add a timeout test for downloading chunks from the stream

d26e942

Fix linting

9b08f07

Merge pull request #2133 from actions/danwkennedy/test-blob-stream-ti…

ddc5fa4

…meout Test: add a timeout test for downloading chunks from the stream

update with dist updates

33a9b6c

remove cache size limit

308e05b

new error state, tests to cover

36f30e6

lint

d1c1fc4

no need to resolve

0c907a4

Prepapre cache v4.1.0 release

59c7ebd

Dependabot: add support for /packages/artifact and `/packages/cache

f9bdf6a

Update the group names

ad4afee

Take a direct dependency on @azure/core-http

ee5d897

danwkennedy and others added 30 commits January 27, 2026 10:29

Release @actions/github v8.0.1

c0ef67e

Bump @actions/http-client and @actions/github on all packages

76339b5

Attest: undo the @actions/github/@octokit bumps

dc6427f

Bump @actions/core to 2.0.3 on @actions/glob

e8e0ce7

Bump @actions/glob version to 0.5.1

ecdfc18

ESM-only with updated @octokit dependencies

b05d26b

Bump @actions/glob to 0.5.1 in @actions/cache

e827417

Merge pull request #2260 from actions/lokesh755-actions-github-v9-esm

a2986ee

ESM-only with updated @octokit dependencies

http-client: convert to ESM

c9ab4f9

Add proxy/interfaces exports

d464f9d

Fix a JSON lint issue

965dcc7

Add a release entry for 4.0.0

4446f00

@actions/io: convert to ESM module

5501ba0

Add release notes

9e060cb

@actions/io: export lib/io-util

758b556

@actions/io: update lock file version

a6e9f4b

@actions/exec: convert to ESM module

0fc1805

Bump @actions/io to 3.0.2

c9c663b

@actions/core: convert to ESM module

ed3ea3b

@actions/glob: convert to an ESM module (#2273)

7a0147b

* `@actions/glob`: convert to an ESM module * Update packages/glob/RELEASES.md Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --------- Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>

@actions/tool-cache: convert to an ESM module (#2274)

9d912b1

* `@actions/tool-cache`: convert to an ESM module * Fix jest config * Downgrade `nock` since it's conflicting with `@actions/attest`'s version

@actions/glob: fix minimatch imports (#2276)

b48854e

@actions/attest: convert to an ESM module (#2278)

0be0a6e

Merge pull request #2268 from actions/dependabot/npm_and_yarn/package…

ffae274

…s/attest/tar-7.5.7 chore(deps): bump tar from 7.5.6 to 7.5.7 in /packages/attest

Releases: use ubuntu-latest instead of macos-latest-large (#2284)

5203b67

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pull] main from actions:main#10

[pull] main from actions:main#10
pull[bot] wants to merge 936 commits intothreatcode:mainfrom
actions:main

pull bot commented Jan 28, 2024 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

18 participants

Conversation

pull bot commented Jan 28, 2024 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

18 participants

pull bot commented Jan 28, 2024 •

edited

Loading