From 0955f25542c4c3f58705b3c777c33608ebe2c5bf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Mar 2026 21:44:42 +0000 Subject: [PATCH] Bump undici and @actions/http-client Bumps [undici](https://github.com/nodejs/undici) to 6.23.0 and updates ancestor dependency [@actions/http-client](https://github.com/actions/toolkit/tree/HEAD/packages/http-client). These dependencies need to be updated together. Updates `undici` from 5.29.0 to 6.23.0 - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.29.0...v6.23.0) Updates `@actions/http-client` from 2.2.3 to 4.0.0 - [Changelog](https://github.com/actions/toolkit/blob/main/packages/http-client/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/@actions/cache@4.0.0/packages/http-client) --- updated-dependencies: - dependency-name: undici dependency-version: 6.23.0 dependency-type: indirect - dependency-name: "@actions/http-client" dependency-version: 4.0.0 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- package-lock.json | 74 +++++++++++++++++++++++++++++++++-------------- package.json | 2 +- 2 files changed, 54 insertions(+), 22 deletions(-) diff --git a/package-lock.json b/package-lock.json index b3fa41a..dcaa096 100644 --- a/package-lock.json +++ b/package-lock.json @@ -13,7 +13,7 @@ "@actions/core": "^1.11.1", "@actions/exec": "^1.1.1", "@actions/glob": "^0.5.0", - "@actions/http-client": "^2.2.1", + "@actions/http-client": "^4.0.0", "@actions/io": "^1.0.2", "@actions/tool-cache": "^2.0.2", "semver": "^7.7.3" @@ -101,15 +101,6 @@ "semver": "bin/semver.js" } }, - "node_modules/@actions/cache/node_modules/undici": { - "version": "6.23.0", - "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz", - "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==", - "license": "MIT", - "engines": { - "node": ">=18.17" - } - }, "node_modules/@actions/core": { "version": "1.11.1", "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.11.1.tgz", @@ -120,6 +111,28 @@ "@actions/http-client": "^2.0.1" } }, + "node_modules/@actions/core/node_modules/@actions/http-client": { + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz", + "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==", + "license": "MIT", + "dependencies": { + "tunnel": "^0.0.6", + "undici": "^5.25.4" + } + }, + "node_modules/@actions/core/node_modules/undici": { + "version": "5.29.0", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.29.0.tgz", + "integrity": "sha512-raqeBD6NQK4SkWhQzeYKd1KmIG6dllBOTt55Rmkt4HtI9mwdWtJljnrXjAFUBLTSN67HWrOIZ3EPF4kjUw80Bg==", + "license": "MIT", + "dependencies": { + "@fastify/busboy": "^2.0.0" + }, + "engines": { + "node": ">=14.0" + } + }, "node_modules/@actions/exec": { "version": "1.1.1", "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-1.1.1.tgz", @@ -140,13 +153,13 @@ } }, "node_modules/@actions/http-client": { - "version": "2.2.3", - "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz", - "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==", + "version": "4.0.0", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-4.0.0.tgz", + "integrity": "sha512-QuwPsgVMsD6qaPD57GLZi9sqzAZCtiJT8kVBCDpLtxhL5MydQ4gS+DrejtZZPdIYyB1e95uCK9Luyds7ybHI3g==", "license": "MIT", "dependencies": { "tunnel": "^0.0.6", - "undici": "^5.25.4" + "undici": "^6.23.0" } }, "node_modules/@actions/io": { @@ -168,6 +181,16 @@ "semver": "^6.1.0" } }, + "node_modules/@actions/tool-cache/node_modules/@actions/http-client": { + "version": "2.2.3", + "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-2.2.3.tgz", + "integrity": "sha512-mx8hyJi/hjFvbPokCg4uRd4ZX78t+YyRPtnKWwIl+RzNaVuFpQHfmlGVfsKEJN8LwTCvL+DfVgAM04XaHkm6bA==", + "license": "MIT", + "dependencies": { + "tunnel": "^0.0.6", + "undici": "^5.25.4" + } + }, "node_modules/@actions/tool-cache/node_modules/semver": { "version": "6.3.1", "resolved": "https://registry.npmjs.org/semver/-/semver-6.3.1.tgz", @@ -177,6 +200,18 @@ "semver": "bin/semver.js" } }, + "node_modules/@actions/tool-cache/node_modules/undici": { + "version": "5.29.0", + "resolved": "https://registry.npmjs.org/undici/-/undici-5.29.0.tgz", + "integrity": "sha512-raqeBD6NQK4SkWhQzeYKd1KmIG6dllBOTt55Rmkt4HtI9mwdWtJljnrXjAFUBLTSN67HWrOIZ3EPF4kjUw80Bg==", + "license": "MIT", + "dependencies": { + "@fastify/busboy": "^2.0.0" + }, + "engines": { + "node": ">=14.0" + } + }, "node_modules/@azure/abort-controller": { "version": "1.1.0", "resolved": "https://registry.npmjs.org/@azure/abort-controller/-/abort-controller-1.1.0.tgz", @@ -6294,15 +6329,12 @@ } }, "node_modules/undici": { - "version": "5.29.0", - "resolved": "https://registry.npmjs.org/undici/-/undici-5.29.0.tgz", - "integrity": "sha512-raqeBD6NQK4SkWhQzeYKd1KmIG6dllBOTt55Rmkt4HtI9mwdWtJljnrXjAFUBLTSN67HWrOIZ3EPF4kjUw80Bg==", + "version": "6.23.0", + "resolved": "https://registry.npmjs.org/undici/-/undici-6.23.0.tgz", + "integrity": "sha512-VfQPToRA5FZs/qJxLIinmU59u0r7LXqoJkCzinq3ckNJp3vKEh7jTWN589YQ5+aoAC/TGRLyJLCPKcLQbM8r9g==", "license": "MIT", - "dependencies": { - "@fastify/busboy": "^2.0.0" - }, "engines": { - "node": ">=14.0" + "node": ">=18.17" } }, "node_modules/undici-types": { diff --git a/package.json b/package.json index fe64a1e..f029238 100644 --- a/package.json +++ b/package.json @@ -32,7 +32,7 @@ "@actions/core": "^1.11.1", "@actions/exec": "^1.1.1", "@actions/glob": "^0.5.0", - "@actions/http-client": "^2.2.1", + "@actions/http-client": "^4.0.0", "@actions/io": "^1.0.2", "@actions/tool-cache": "^2.0.2", "semver": "^7.7.3"