From 14891d7474d546fb92611ad6d169b9d0a7550a88 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Jul 2024 12:37:33 +0000 Subject: [PATCH 1/3] build(deps): bump typed-rest-client from 2.0.1 to 2.0.2 Bumps [typed-rest-client](https://github.com/Microsoft/typed-rest-client) from 2.0.1 to 2.0.2. - [Release notes](https://github.com/Microsoft/typed-rest-client/releases) - [Commits](https://github.com/Microsoft/typed-rest-client/compare/v2.0.1...v2.0.2) --- updated-dependencies: - dependency-name: typed-rest-client dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- package-lock.json | 14 +++++++------- package.json | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/package-lock.json b/package-lock.json index 52be9bde..a18f3516 100644 --- a/package-lock.json +++ b/package-lock.json @@ -10,7 +10,7 @@ "@actions/core": "^1.10.1", "@actions/tool-cache": "^2.0.1", "semver": "^7.6.2", - "typed-rest-client": "^2.0.1" + "typed-rest-client": "^2.0.2" }, "devDependencies": { "@actions/io": "^1.1.3", @@ -9502,9 +9502,9 @@ } }, "node_modules/typed-rest-client": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/typed-rest-client/-/typed-rest-client-2.0.1.tgz", - "integrity": "sha512-LSfgVu+jKUbkceVBGJ6bdIMzzpvjhw6A+aKsVnGa2S7bT82QCALh/RAtq/fdV3aLXxHqsChuClrQ93fXMrIckA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/typed-rest-client/-/typed-rest-client-2.0.2.tgz", + "integrity": "sha512-rmAQM2gZw/PQpK5+5aSs+I6ZBv4PFC2BT1o+0ADS1SgSejA+14EmbI2Lt8uXwkX7oeOMkwFmg0pHKwe8D9IT5A==", "dependencies": { "des.js": "^1.1.0", "js-md4": "^0.3.2", @@ -16829,9 +16829,9 @@ } }, "typed-rest-client": { - "version": "2.0.1", - "resolved": "https://registry.npmjs.org/typed-rest-client/-/typed-rest-client-2.0.1.tgz", - "integrity": "sha512-LSfgVu+jKUbkceVBGJ6bdIMzzpvjhw6A+aKsVnGa2S7bT82QCALh/RAtq/fdV3aLXxHqsChuClrQ93fXMrIckA==", + "version": "2.0.2", + "resolved": "https://registry.npmjs.org/typed-rest-client/-/typed-rest-client-2.0.2.tgz", + "integrity": "sha512-rmAQM2gZw/PQpK5+5aSs+I6ZBv4PFC2BT1o+0ADS1SgSejA+14EmbI2Lt8uXwkX7oeOMkwFmg0pHKwe8D9IT5A==", "requires": { "des.js": "^1.1.0", "js-md4": "^0.3.2", diff --git a/package.json b/package.json index fbd73848..d09f4460 100644 --- a/package.json +++ b/package.json @@ -19,7 +19,7 @@ "@actions/core": "^1.10.1", "@actions/tool-cache": "^2.0.1", "semver": "^7.6.2", - "typed-rest-client": "^2.0.1" + "typed-rest-client": "^2.0.2" }, "devDependencies": { "@actions/io": "^1.1.3", From 77058a17e1f3822273a94369af11915101cc2818 Mon Sep 17 00:00:00 2001 From: per1234 Date: Wed, 10 Jul 2024 06:20:47 -0700 Subject: [PATCH 2/3] Update dependency license metadata cache for `typed-rest-client` bump --- .licenses/npm/typed-rest-client.dep.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.licenses/npm/typed-rest-client.dep.yml b/.licenses/npm/typed-rest-client.dep.yml index 03df18e5..6c9721b5 100644 --- a/.licenses/npm/typed-rest-client.dep.yml +++ b/.licenses/npm/typed-rest-client.dep.yml @@ -1,6 +1,6 @@ --- name: typed-rest-client -version: 2.0.1 +version: 2.0.2 type: npm summary: Node Rest and Http Clients for use with TypeScript homepage: https://github.com/Microsoft/typed-rest-client#readme From f0b18b1f32fbb328fed4b48d40dfd656697417dc Mon Sep 17 00:00:00 2001 From: per1234 Date: Wed, 10 Jul 2024 06:23:29 -0700 Subject: [PATCH 3/3] Repackage action following `typed-rest-client` bump GitHub downloads each action run in a workflow during runtime and executes it as a complete package of code before you can use workflow commands like run to interact with the runner machine. This means that we must provide all JavaScript package dependencies as part of the distributed action in order for it to be usable in workflows. A naive approach to doing this is checking in the `node_modules` folder. However, this approach results in a huge amount of frequently changing external content being included in the repository, much of which is not even part of the executed program. A far better approach is to use the excellent ncc tool to compile the program, including all the relevant code from the dependencies, into a single file. We use a "continuous packaging" approach, where the packaged action code that is generated via ncc is always kept in sync with the development source code and dependencies. This allows a beta version of the action to be easily used in workflows by beta testers or those who need changes not in the release simply by using the name of the branch as the action ref (e.g., `uses: arduino/arduino-lint-action@main` will cause the version of the action from the tip of the `main` branch to be used by the workflow run). The update of the package dependency results in a change to the packaged code, so the packaging is here updated accordingly. --- dist/index.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dist/index.js b/dist/index.js index addcf699..cea09857 100644 --- a/dist/index.js +++ b/dist/index.js @@ -11518,7 +11518,7 @@ var HttpCodes; })(HttpCodes || (exports.HttpCodes = HttpCodes = {})); const HttpRedirectCodes = [HttpCodes.MovedPermanently, HttpCodes.ResourceMoved, HttpCodes.SeeOther, HttpCodes.TemporaryRedirect, HttpCodes.PermanentRedirect]; const HttpResponseRetryCodes = [HttpCodes.BadGateway, HttpCodes.ServiceUnavailable, HttpCodes.GatewayTimeout]; -const NetworkRetryErrors = ['ECONNRESET', 'ENOTFOUND', 'ESOCKETTIMEDOUT', 'ETIMEDOUT', 'ECONNREFUSED']; +const NetworkRetryErrors = ['ECONNRESET', 'ENOTFOUND', 'ESOCKETTIMEDOUT', 'ETIMEDOUT', 'ECONNREFUSED', 'EHOSTUNREACH']; const RetryableHttpVerbs = ['OPTIONS', 'GET', 'DELETE', 'HEAD']; const ExponentialBackoffCeiling = 10; const ExponentialBackoffTimeSlice = 5;