actions/setup-go
1
0
Fork 0
mirror of https://github.com/actions/setup-go.git synced 2025-09-02 04:27:31 +08:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: actions:node24
Branches Tags
actions:main actions:dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-8.41.0 actions:dependabot/npm_and_yarn/typescript-eslint/parser-8.41.0 actions:node24-fix actions:dependabot/npm_and_yarn/nock-14.0.10 actions:dependabot/npm_and_yarn/types/node-24.3.0 actions:node24 actions:dependabot/github_actions/actions/checkout-5 actions:test-macos-x64-runner actions:dependabot/npm_and_yarn/eslint-config-prettier-10.1.8 actions:restore-v4-release actions:add-publish-immutable-actions actions:restore-v3-release actions:thboop/node16update actions:releases/v1 actions:master actions:goenv actions:matcher actions:binpath actions:v2-proxy actions:ethomson/update_description
actions:v5.5.0 actions:v5 actions:v4.2.1 actions:v4 actions:v3.6.1 actions:v3 actions:v3.6.0 actions:v4.2.0 actions:v5.4.0 actions:v5.3.0 actions:v5.2.0 actions:v5.1.0 actions:v5.0.2 actions:v5.0.1 actions:v5.0.0 actions:v4.1.0 actions:v4.0.1 actions:v4.0.0 actions:v3.5.0 actions:v3.4.0 actions:v3.3.1 actions:v3.3.0 actions:v3.2.1 actions:v3.2.0 actions:v3.1.0 actions:v3.0.0 actions:v2.2.0 actions:v2 actions:v2.1.5 actions:v2.1.4 actions:v1 actions:v1.1.3 actions:v2.1.3 actions:v2.1.2 actions:v2.1.1 actions:v2.1.0 actions:v2-beta actions:v2.0.3 actions:v2.0.2 actions:v2.0.1 actions:v1.1.2 actions:v1.1.1 actions:v1.1.0 actions:v1.0.2 actions:v1.0.1 actions:v1.0.0
..
compare: actions:node24-fix
Branches Tags
actions:main actions:dependabot/npm_and_yarn/typescript-eslint/eslint-plugin-8.41.0 actions:dependabot/npm_and_yarn/typescript-eslint/parser-8.41.0 actions:node24-fix actions:dependabot/npm_and_yarn/nock-14.0.10 actions:dependabot/npm_and_yarn/types/node-24.3.0 actions:node24 actions:dependabot/github_actions/actions/checkout-5 actions:test-macos-x64-runner actions:dependabot/npm_and_yarn/eslint-config-prettier-10.1.8 actions:restore-v4-release actions:add-publish-immutable-actions actions:restore-v3-release actions:thboop/node16update actions:releases/v1 actions:master actions:goenv actions:matcher actions:binpath actions:v2-proxy actions:ethomson/update_description
actions:v5.5.0 actions:v5 actions:v4.2.1 actions:v4 actions:v3.6.1 actions:v3 actions:v3.6.0 actions:v4.2.0 actions:v5.4.0 actions:v5.3.0 actions:v5.2.0 actions:v5.1.0 actions:v5.0.2 actions:v5.0.1 actions:v5.0.0 actions:v4.1.0 actions:v4.0.1 actions:v4.0.0 actions:v3.5.0 actions:v3.4.0 actions:v3.3.1 actions:v3.3.0 actions:v3.2.1 actions:v3.2.0 actions:v3.1.0 actions:v3.0.0 actions:v2.2.0 actions:v2 actions:v2.1.5 actions:v2.1.4 actions:v1 actions:v1.1.3 actions:v2.1.3 actions:v2.1.2 actions:v2.1.1 actions:v2.1.0 actions:v2-beta actions:v2.0.3 actions:v2.0.2 actions:v2.0.1 actions:v1.1.2 actions:v1.1.1 actions:v1.1.0 actions:v1.0.2 actions:v1.0.1 actions:v1.0.0

9 Commits
node24 ... node24-fix

Author SHA1 Message Date
Aparna Jyothi
4fc21c0d5d npm run format 2025-08-20 10:26:44 +05:30
Aparna Jyothi
da434008b8 npm run format 2025-08-20 10:25:25 +05:30
Aparna Jyothi
565ba0f11a update node24 2025-08-19 17:55:57 +05:30
Aparna Jyothi
7ca6144633 package-lock.json update 2025-08-19 16:23:34 +05:30
Aparna Jyothi
af03c14274 check failure fix 2025-08-14 19:11:11 +05:30
Aparna Jyothi
c3e3067955 Merge remote-tracking branch 'origin/main' into node24-fix 2025-08-14 19:05:12 +05:30
Aparna Jyothi
d7ffe7f414 update package.json version 2025-08-14 18:58:44 +05:30
Aparna Jyothi
22d9ca5e06 upgrade @types/node 2025-08-14 18:56:26 +05:30
Matthew Hughes
e75c3e80bc Bump form-data to bring in fix for critical vulnerability (#618) 
The vulnerability:

    $ npm audit --audit-level=high
    # npm audit report

    form-data  >=4.0.0 <4.0.4 || <2.5.4
    Severity: critical
    form-data uses unsafe random function in form-data for choosing boundary - https://github.com/advisories/GHSA-fjxv-7rqg-78g4
    form-data uses unsafe random function in form-data for choosing boundary - https://github.com/advisories/GHSA-fjxv-7rqg-78g4
    fix available via `npm audit fix`
    node_modules/@azure/core-http/node_modules/form-data
    node_modules/@types/node-fetch/node_modules/form-data
    node_modules/form-data

    1 critical severity vulnerability

    To address all issues, run:
      npm audit fix

This change is the result of from running `npm audit fix` and then
using[1] to update licenses via `licensed cache`.

It doesn't look like `dependabot` previously raised any PRs for this
dependency, so this bumps it from `4.0.0` to `4.0.4`, see the
changelog[2] for details.

Link: https://github.com/licensee/licensed [1]
Link: https://github.com/form-data/form-data/blob/v4.0.4/CHANGELOG.md [2]
 2025-08-13 12:02:46 -05:00
7 changed files with 22 additions and 19 deletions
Expand all files Collapse all files

2
.licenses/npm/@types/node.dep.yml generated
View File

@@ -1,6 +1,6 @@
--- ---
name: "@types/node" name: "@types/node"
version: 20.11.28 version: 24.1.0
type: npm type: npm
summary: TypeScript definitions for node summary: TypeScript definitions for node
homepage: https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node homepage: https://github.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/node

1
.licenses/npm/function-bind.dep.yml generated
View File

@@ -29,4 +29,3 @@ licenses:
THE SOFTWARE. THE SOFTWARE.
notices: [] notices: []
...

6
.licenses/npm/undici-types.dep.yml generated
View File

@@ -1,15 +1,17 @@
--- ---
name: undici-types name: undici-types
version: 5.26.5 version: 7.8.0
type: npm type: npm
summary: A stand-alone types package for Undici summary: A stand-alone types package for Undici
homepage: https://undici.nodejs.org homepage: https://undici.nodejs.org
license: mit license: mit
licenses: licenses:
- sources: Auto-generated MIT license text - sources: LICENSE
text: | text: |
MIT License MIT License
Copyright (c) Matteo Collina and Undici contributors
Permission is hereby granted, free of charge, to any person obtaining a copy Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights in the Software without restriction, including without limitation the rights

22
package-lock.json generated
View File

@@ -1,12 +1,12 @@
{ {
"name": "setup-go", "name": "setup-go",
"version": "5.0.0", "version": "6.0.0",
"lockfileVersion": 3, "lockfileVersion": 3,
"requires": true, "requires": true,
"packages": { "packages": {
"": { "": {
"name": "setup-go", "name": "setup-go",
"version": "5.0.0", "version": "6.0.0",
"license": "MIT", "license": "MIT",
"dependencies": { "dependencies": {
"@actions/cache": "^4.0.3", "@actions/cache": "^4.0.3",
@@ -20,7 +20,7 @@
}, },
"devDependencies": { "devDependencies": {
"@types/jest": "^29.5.14", "@types/jest": "^29.5.14",
"@types/node": "^20.11.28", "@types/node": "^24.1.0",
"@types/semver": "^7.5.8", "@types/semver": "^7.5.8",
"@typescript-eslint/eslint-plugin": "^8.31.1", "@typescript-eslint/eslint-plugin": "^8.31.1",
"@typescript-eslint/parser": "^8.35.1", "@typescript-eslint/parser": "^8.35.1",
@@ -1602,11 +1602,12 @@
} }
}, },
"node_modules/@types/node": { "node_modules/@types/node": {
"version": "20.11.28", "version": "24.1.0",
"resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.28.tgz", "resolved": "https://registry.npmjs.org/@types/node/-/node-24.1.0.tgz",
"integrity": "sha512-M/GPWVS2wLkSkNHVeLkrF2fD5Lx5UC4PxA0uZcKc6QqbIQUJyW1jVjueJYi1z8n0I5PxYrtpnPnWglE+y9A0KA==", "integrity": "sha512-ut5FthK5moxFKH2T1CUOC6ctR67rQRvvHdFLCD2Ql6KXmMuCrjsSsRI9UsLCm9M18BMwClv4pn327UvB7eeO1w==",
"license": "MIT",
"dependencies": { "dependencies": {
"undici-types": "~5.26.4" "undici-types": "~7.8.0"
} }
}, },
"node_modules/@types/node-fetch": { "node_modules/@types/node-fetch": {
@@ -5976,9 +5977,10 @@
} }
}, },
"node_modules/undici-types": { "node_modules/undici-types": {
"version": "5.26.5", "version": "7.8.0",
"resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz", "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.8.0.tgz",
"integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA==" "integrity": "sha512-9UJ2xGDvQ43tYyVMpuHlsgApydB8ZKfVYTsLDhXkFL/6gfkp+U8xTGdh8pMJv1SpZna0zxG1DwsKZsreLbXBxw==",
"license": "MIT"
}, },
"node_modules/update-browserslist-db": { "node_modules/update-browserslist-db": {
"version": "1.0.13", "version": "1.0.13",

6
package.json
View File

@@ -1,10 +1,10 @@
{ {
"name": "setup-go", "name": "setup-go",
"version": "5.0.0", "version": "6.0.0",
"private": true, "private": true,
"description": "setup go action", "description": "setup go action",
"main": "lib/setup-go.js", "main": "lib/setup-go.js",
"engines": { "engines": {
"node": ">=24.0.0" "node": ">=24.0.0"
}, },
"scripts": { "scripts": {
@@ -39,7 +39,7 @@
}, },
"devDependencies": { "devDependencies": {
"@types/jest": "^29.5.14", "@types/jest": "^29.5.14",
"@types/node": "^20.11.28", "@types/node": "^24.1.0",
"@types/semver": "^7.5.8", "@types/semver": "^7.5.8",
"@typescript-eslint/eslint-plugin": "^8.31.1", "@typescript-eslint/eslint-plugin": "^8.31.1",
"@typescript-eslint/parser": "^8.35.1", "@typescript-eslint/parser": "^8.35.1",