Skip to content

Update @actions/cache to 5.1.0 and add security overrides for undici and fast-xml-parser#1579

Open
HarithaVattikuti wants to merge 4 commits into
releases/v6from
cacheupdate
Open

Update @actions/cache to 5.1.0 and add security overrides for undici and fast-xml-parser#1579
HarithaVattikuti wants to merge 4 commits into
releases/v6from
cacheupdate

Conversation

@HarithaVattikuti

Copy link
Copy Markdown
Contributor

Changes

  • Update @actions/cache from ^5.0.5 to 5.1.0
  • Add npm overrides to pin transitive dependencies to secure versions:
    • undici: ^6.24.1 (resolves to 6.27.0) — addresses CVEs in undici <6.x
    • fast-xml-parser: ^5.9.2 (resolves to 5.9.3)
  • Update .licenses/npm/ dep.yml files via licensed cache to reflect new resolved versions
  • npm audit reports 0 vulnerabilities

@HarithaVattikuti HarithaVattikuti requested a review from a team as a code owner July 8, 2026 22:57
bytalrbllqarat-maker referenced this pull request Jul 11, 2026
#1348)

* setup node in local

* Enhance caching in setup-node with package manager filed detection

* updated with array

* update the field

@pelonducks25-crypto pelonducks25-crypto left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants