From bbee663ef5a9a498d4d00f83d8f2f7f60168875c Mon Sep 17 00:00:00 2001 From: Jan Larwig Date: Mon, 20 Jan 2025 15:10:03 +0100 Subject: [PATCH] chore(dep): update node and github action dependencies --- .github/workflows/node.js.yml | 4 +-- README.md | 4 +-- dist/index.js | 14 +++++--- package-lock.json | 67 ++++++++++++++++------------------- package.json | 8 ++--- 5 files changed, 48 insertions(+), 49 deletions(-) diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml index b0b2eed..76f0fdb 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/node.js.yml @@ -10,10 +10,10 @@ jobs: steps: - uses: actions/checkout@v4 - - name: Use Node 20 + - name: Use Node 22 uses: actions/setup-node@v4 with: - node-version: 20 + node-version: 22 - run: npm ci - run: npm run format:check - run: npm run build diff --git a/README.md b/README.md index ce0f754..93f5336 100644 --- a/README.md +++ b/README.md @@ -28,7 +28,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: jamesgeorge007/github-activity-readme@master env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} @@ -73,7 +73,7 @@ jobs: contents: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: jamesgeorge007/github-activity-readme@master env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/dist/index.js b/dist/index.js index fc568be..bbfd576 100644 --- a/dist/index.js +++ b/dist/index.js @@ -8920,15 +8920,17 @@ function escapeArgument(arg, doubleEscapeMetaChars) { arg = `${arg}`; // Algorithm below is based on https://qntm.org/cmd + // It's slightly altered to disable JS backtracking to avoid hanging on specially crafted input + // Please see https://github.com/moxystudio/node-cross-spawn/pull/160 for more information // Sequence of backslashes followed by a double quote: // double up all the backslashes and escape the double quote - arg = arg.replace(/(\\*)"/g, '$1$1\\"'); + arg = arg.replace(/(?=(\\+?)?)\1"/g, '$1$1\\"'); // Sequence of backslashes followed by the end of the string // (which will become a double quote later): // double up all the backslashes - arg = arg.replace(/(\\*)$/, '$1$1'); + arg = arg.replace(/(?=(\\+?)?)\1$/, '$1$1'); // All other backslashes occur literally @@ -9005,10 +9007,12 @@ const pathKey = __nccwpck_require__(539)(); function resolveCommandAttempt(parsed, withoutPathExt) { const cwd = process.cwd(); const hasCustomCwd = parsed.options.cwd != null; + // Worker threads do not have process.chdir() + const shouldSwitchCwd = hasCustomCwd && process.chdir !== undefined; // If a custom `cwd` was specified, we need to change the process cwd // because `which` will do stat calls but does not support a custom cwd - if (hasCustomCwd) { + if (shouldSwitchCwd) { try { process.chdir(parsed.options.cwd); } catch (err) { @@ -9026,7 +9030,9 @@ function resolveCommandAttempt(parsed, withoutPathExt) { } catch (e) { /* Empty */ } finally { - process.chdir(cwd); + if (shouldSwitchCwd) { + process.chdir(cwd); + } } // If we successfully resolved, ensure that an absolute path is returned diff --git a/package-lock.json b/package-lock.json index 6ee766c..32be3c6 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,29 +1,30 @@ { "name": "github-activity-readme", - "version": "0.4.4", + "version": "0.4.5", "lockfileVersion": 2, "requires": true, "packages": { "": { "name": "github-activity-readme", - "version": "0.4.4", + "version": "0.4.5", "license": "MIT", "dependencies": { - "@actions/core": "^1.10.1", + "@actions/core": "^1.11.1", "actions-toolkit": "^6.0.1" }, "devDependencies": { - "@vercel/ncc": "^0.38.1", - "prettier": "^3.2.5" + "@vercel/ncc": "^0.38.3", + "prettier": "^3.4.2" } }, "node_modules/@actions/core": { - "version": "1.10.1", - "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.1.tgz", - "integrity": "sha512-3lBR9EDAY+iYIpTnTIXmWcNbX3T2kCkAEQGIQx4NVQ0575nk2k3GRZDTPQG+vVtS2izSLmINlxXf0uLtnrTP+g==", + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.11.1.tgz", + "integrity": "sha512-hXJCSrkwfA46Vd9Z3q4cpEpHB1rL5NG04+/rbqW9d3+CSvtB1tYe8UTpAlixa1vj0m/ULglfEK2UKxMGxCxv5A==", + "license": "MIT", "dependencies": { - "@actions/http-client": "^2.0.1", - "uuid": "^8.3.2" + "@actions/exec": "^1.1.1", + "@actions/http-client": "^2.0.1" } }, "node_modules/@actions/exec": { @@ -324,10 +325,11 @@ } }, "node_modules/@vercel/ncc": { - "version": "0.38.1", - "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.1.tgz", - "integrity": "sha512-IBBb+iI2NLu4VQn3Vwldyi2QwaXt5+hTyh58ggAMoCGE6DJmPvwL3KPBWcJl1m9LYPChBLE980Jw+CS4Wokqxw==", + "version": "0.38.3", + "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.3.tgz", + "integrity": "sha512-rnK6hJBS6mwc+Bkab+PGPs9OiS0i/3kdTO+CkI8V0/VrW3vmz7O2Pxjw/owOlmo6PKEIxRSeZKv/kuL9itnpYA==", "dev": true, + "license": "MIT", "bin": { "ncc": "dist/ncc/cli.js" } @@ -697,10 +699,11 @@ } }, "node_modules/prettier": { - "version": "3.2.5", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.2.5.tgz", - "integrity": "sha512-3/GWa9aOC0YeD7LUfvOG2NiDyhOWRvt1k+rcKhOuYnMY24iiCphgneUfJDyFXd6rZCAnuLBv6UeAULtrhT/F4A==", + "version": "3.4.2", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", + "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", "dev": true, + "license": "MIT", "bin": { "prettier": "bin/prettier.cjs" }, @@ -799,13 +802,6 @@ "version": "6.0.0", "license": "ISC" }, - "node_modules/uuid": { - "version": "8.3.2", - "license": "MIT", - "bin": { - "uuid": "dist/bin/uuid" - } - }, "node_modules/webidl-conversions": { "version": "3.0.1", "license": "BSD-2-Clause" @@ -848,12 +844,12 @@ }, "dependencies": { "@actions/core": { - "version": "1.10.1", - "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.10.1.tgz", - "integrity": "sha512-3lBR9EDAY+iYIpTnTIXmWcNbX3T2kCkAEQGIQx4NVQ0575nk2k3GRZDTPQG+vVtS2izSLmINlxXf0uLtnrTP+g==", + "version": "1.11.1", + "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.11.1.tgz", + "integrity": "sha512-hXJCSrkwfA46Vd9Z3q4cpEpHB1rL5NG04+/rbqW9d3+CSvtB1tYe8UTpAlixa1vj0m/ULglfEK2UKxMGxCxv5A==", "requires": { - "@actions/http-client": "^2.0.1", - "uuid": "^8.3.2" + "@actions/exec": "^1.1.1", + "@actions/http-client": "^2.0.1" } }, "@actions/exec": { @@ -1113,9 +1109,9 @@ } }, "@vercel/ncc": { - "version": "0.38.1", - "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.1.tgz", - "integrity": "sha512-IBBb+iI2NLu4VQn3Vwldyi2QwaXt5+hTyh58ggAMoCGE6DJmPvwL3KPBWcJl1m9LYPChBLE980Jw+CS4Wokqxw==", + "version": "0.38.3", + "resolved": "https://registry.npmjs.org/@vercel/ncc/-/ncc-0.38.3.tgz", + "integrity": "sha512-rnK6hJBS6mwc+Bkab+PGPs9OiS0i/3kdTO+CkI8V0/VrW3vmz7O2Pxjw/owOlmo6PKEIxRSeZKv/kuL9itnpYA==", "dev": true }, "actions-toolkit": { @@ -1342,9 +1338,9 @@ } }, "prettier": { - "version": "3.2.5", - "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.2.5.tgz", - "integrity": "sha512-3/GWa9aOC0YeD7LUfvOG2NiDyhOWRvt1k+rcKhOuYnMY24iiCphgneUfJDyFXd6rZCAnuLBv6UeAULtrhT/F4A==", + "version": "3.4.2", + "resolved": "https://registry.npmjs.org/prettier/-/prettier-3.4.2.tgz", + "integrity": "sha512-e9MewbtFo+Fevyuxn/4rrcDAaq0IYxPGLvObpQjiZBMAzB9IGmzlnG9RZy3FFas+eBMu2vA0CszMeduow5dIuQ==", "dev": true }, "pump": { @@ -1400,9 +1396,6 @@ "universal-user-agent": { "version": "6.0.0" }, - "uuid": { - "version": "8.3.2" - }, "webidl-conversions": { "version": "3.0.1" }, diff --git a/package.json b/package.json index 6ba9bd9..8e1cb6c 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "github-activity-readme", - "version": "0.4.4", + "version": "0.4.5", "description": "Updates README with the recent GitHub activity of a user", "main": "index.js", "keywords": [], @@ -12,11 +12,11 @@ "build": "ncc build index.js -o dist" }, "dependencies": { - "@actions/core": "^1.10.1", + "@actions/core": "^1.11.1", "actions-toolkit": "^6.0.1" }, "devDependencies": { - "@vercel/ncc": "^0.38.1", - "prettier": "^3.2.5" + "@vercel/ncc": "^0.38.3", + "prettier": "^3.4.2" } }