From ef48386fa07f33eeebbe1433b5576255016a9cf6 Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Wed, 13 May 2026 15:33:50 +0000 Subject: [PATCH] fix: upgrade @actions/glob from 0.6.1 to 0.7.0 Snyk has created this PR to upgrade @actions/glob from 0.6.1 to 0.7.0. See this package in npm: @actions/glob See this project in Snyk: https://app.snyk.io/org/test-cAX4cfyGGwqSqgMRHFEhFe/project/61bc694c-9265-4478-b2c8-5574b3aa9030?utm_source=github-cloud-app&utm_medium=referral&page=upgrade-pr --- sources/package-lock.json | 56 +++++++++++++++++++++++++++++++++++---- sources/package.json | 2 +- 2 files changed, 52 insertions(+), 6 deletions(-) diff --git a/sources/package-lock.json b/sources/package-lock.json index bfb30b0d..8f1054d2 100644 --- a/sources/package-lock.json +++ b/sources/package-lock.json @@ -14,7 +14,7 @@ "@actions/core": "3.0.0", "@actions/exec": "3.0.0", "@actions/github": "9.0.0", - "@actions/glob": "0.6.1", + "@actions/glob": "^0.7.0", "@actions/http-client": "4.0.0", "@actions/tool-cache": "4.0.0", "@octokit/webhooks-types": "7.6.1", @@ -168,6 +168,16 @@ "semver": "^7.7.3" } }, + "node_modules/@actions/cache/node_modules/@actions/glob": { + "version": "0.6.1", + "resolved": "https://registry.npmjs.org/@actions/glob/-/glob-0.6.1.tgz", + "integrity": "sha512-K4+2Ac5ILcf2ySdJCha+Pop9NcKjxqCL4xL4zI50dgB2PbXgC0+AcP011xfH4Of6b4QEJJg8dyZYv7zl4byTsw==", + "license": "MIT", + "dependencies": { + "@actions/core": "^3.0.0", + "minimatch": "^3.0.4" + } + }, "node_modules/@actions/core": { "version": "3.0.0", "resolved": "https://registry.npmjs.org/@actions/core/-/core-3.0.0.tgz", @@ -281,13 +291,49 @@ "license": "ISC" }, "node_modules/@actions/glob": { - "version": "0.6.1", - "resolved": "https://registry.npmjs.org/@actions/glob/-/glob-0.6.1.tgz", - "integrity": "sha512-K4+2Ac5ILcf2ySdJCha+Pop9NcKjxqCL4xL4zI50dgB2PbXgC0+AcP011xfH4Of6b4QEJJg8dyZYv7zl4byTsw==", + "version": "0.7.0", + "resolved": "https://registry.npmjs.org/@actions/glob/-/glob-0.7.0.tgz", + "integrity": "sha512-+7s3wM+cXapDLmLL1NVWHawqcJOZzXZy2df/VhNn8DnZtS/x83iTCKaUn9F0llur4h3CII0AilvKKH4CMPL8Gw==", "license": "MIT", "dependencies": { "@actions/core": "^3.0.0", - "minimatch": "^3.0.4" + "minimatch": "^10.2.5" + } + }, + "node_modules/@actions/glob/node_modules/balanced-match": { + "version": "4.0.4", + "resolved": "https://registry.npmjs.org/balanced-match/-/balanced-match-4.0.4.tgz", + "integrity": "sha512-BLrgEcRTwX2o6gGxGOCNyMvGSp35YofuYzw9h1IMTRmKqttAZZVU67bdb9Pr2vUHA8+j3i2tJfjO6C6+4myGTA==", + "license": "MIT", + "engines": { + "node": "18 || 20 || >=22" + } + }, + "node_modules/@actions/glob/node_modules/brace-expansion": { + "version": "5.0.6", + "resolved": "https://registry.npmjs.org/brace-expansion/-/brace-expansion-5.0.6.tgz", + "integrity": "sha512-kLpxurY4Z4r9sgMsyG0Z9uzsBlgiU/EFKhj/h91/8yHu0edo7XuixOIH3VcJ8kkxs6/jPzoI6U9Vj3WqbMQ94g==", + "license": "MIT", + "dependencies": { + "balanced-match": "^4.0.2" + }, + "engines": { + "node": "18 || 20 || >=22" + } + }, + "node_modules/@actions/glob/node_modules/minimatch": { + "version": "10.2.5", + "resolved": "https://registry.npmjs.org/minimatch/-/minimatch-10.2.5.tgz", + "integrity": "sha512-MULkVLfKGYDFYejP07QOurDLLQpcjk7Fw+7jXS2R2czRQzR56yHRveU5NDJEOviH+hETZKSkIk5c+T23GjFUMg==", + "license": "BlueOak-1.0.0", + "dependencies": { + "brace-expansion": "^5.0.5" + }, + "engines": { + "node": "18 || 20 || >=22" + }, + "funding": { + "url": "https://github.com/sponsors/isaacs" } }, "node_modules/@actions/http-client": { diff --git a/sources/package.json b/sources/package.json index 4f21bc02..aeb4b444 100644 --- a/sources/package.json +++ b/sources/package.json @@ -40,7 +40,7 @@ "@actions/core": "3.0.0", "@actions/exec": "3.0.0", "@actions/github": "9.0.0", - "@actions/glob": "0.6.1", + "@actions/glob": "0.7.0", "@actions/http-client": "4.0.0", "@actions/tool-cache": "4.0.0", "@octokit/webhooks-types": "7.6.1",