From 4d9a2b11c1b557c1fd9fd081623b64ed76e3b6a0 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Thu, 1 Oct 2020 17:19:33 +0000 Subject: [PATCH] [Security] Bump @actions/core from 1.2.3 to 1.2.6 Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.2.3 to 1.2.6. **This update includes a security fix.** - [Release notes](https://github.com/actions/toolkit/releases) - [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core) Signed-off-by: dependabot-preview[bot] --- package-lock.json | 6 +++--- package.json | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package-lock.json b/package-lock.json index 73cbd55..e313efa 100644 --- a/package-lock.json +++ b/package-lock.json @@ -28,9 +28,9 @@ } }, "@actions/core": { - "version": "1.2.3", - "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.3.tgz", - "integrity": "sha512-Wp4xnyokakM45Uuj4WLUxdsa8fJjKVl1fDTsPbTEcTcuu0Nb26IPQbOtjmnfaCPGcaoPOOqId8H9NapZ8gii4w==" + "version": "1.2.6", + "resolved": "https://registry.npmjs.org/@actions/core/-/core-1.2.6.tgz", + "integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA==" }, "@actions/exec": { "version": "1.0.3", diff --git a/package.json b/package.json index bd96ed5..fde68b0 100644 --- a/package.json +++ b/package.json @@ -33,7 +33,7 @@ }, "dependencies": { "@actions-rs/core": "^0.0.9", - "@actions/core": "^1.2.3", + "@actions/core": "^1.2.6", "@actions/exec": "^1.0.3", "@actions/io": "^1.0.2" },