Skip to content

fix: Security updates#10

Merged
Raj-StepSecurity merged 2 commits into
mainfrom
npm-audit-fix
Jun 25, 2026
Merged

fix: Security updates#10
Raj-StepSecurity merged 2 commits into
mainfrom
npm-audit-fix

fix: apply audit fixes

b976cdb
Select commit
Loading
Failed to load commit list.
StepSecurity Actions Security / StepSecurity Required Checks succeeded Jun 25, 2026 in 0s

StepSecurity Required Checks

Finished StepSecurity Required Checks

  • Script Injection Check - Checks for script injection vulnerabilities in the PR
  • NPM Compromised Packages Check - Checks for compromised npm package versions in the PR
  • PyPI Compromised Packages Check - Checks for compromised PyPI package versions in the PR
  • Pwn Request Vulnerabilities Check - Checks for Pwn Request vulnerabilities in the PR via risky triggers
  • NPM Package Cooldown Check - Fails if any package version in the PR was released within the configured cooldown period, helping to avoid brand-new (and potentially unreviewed or malicious) releases
  • PyPI Package Cooldown Check - Fails if any PyPI package version in the PR was released within the configured cooldown period
  • Maven Compromised Packages Check - Checks for compromised Maven package versions in the PR
  • Maven Package Cooldown Check - Fails if any Maven package version in the PR was released within the configured cooldown period

Details

✅ NPM Compromised Packages Check

No Compromised npm packages are added in current PR.

✅ NPM Package Cooldown Check

No npm package upgrades to recent releases found in current PR.

The following npm packages are inspected in current PR

Package Name Previous Version Current Version file Current Version Release Date
@actions/core 1.10.0 1.11.1 package-lock.json 2024-10-04T21:59:18Z
@actions/io 1.1.3 package-lock.json 2023-03-15T19:14:57Z
@actions/exec 1.1.1 package-lock.json 2022-03-17T16:48:05Z
✅ Maven Compromised Packages Check

No compromised Maven package versions found in current PR.

✅ PyPI Package Cooldown Check

No PyPI package upgrades to recent releases found in current PR.

✅ Pwn Request Vulnerabilities Check

No Pwn Request vulnerabilities found in this PR.

✅ Script Injection Vulnerabilities Check

No Script Injection vulnerabilities found in this PR.

✅ Maven Package Cooldown Check

No Maven package upgrades to recent releases found in current PR.

✅ PyPI Compromised Packages Check

No compromised PyPI package versions found in current PR.

⏲️ History

Previous invocation results of same check:

✅ Maven Package Cooldown Check

No Maven package upgrades to recent releases found in current PR.

✅ PyPI Package Cooldown Check

No PyPI package upgrades to recent releases found in current PR.

✅ Script Injection Vulnerabilities Check

No Script Injection vulnerabilities found in this PR.

✅ Maven Compromised Packages Check

No compromised Maven package versions found in current PR.

✅ Pwn Request Vulnerabilities Check

No Pwn Request vulnerabilities found in this PR.

✅ PyPI Compromised Packages Check

No compromised PyPI package versions found in current PR.

✅ NPM Package Cooldown Check

No npm package upgrades to recent releases found in current PR.

The following npm packages are inspected in current PR

Package Name Previous Version Current Version file Current Version Release Date
@actions/core 1.10.0 1.11.1 package-lock.json 2024-10-04T21:59:18Z
@actions/io 1.1.3 package-lock.json 2023-03-15T19:14:57Z
@actions/exec 1.1.1 package-lock.json 2022-03-17T16:48:05Z
✅ NPM Compromised Packages Check

No Compromised npm packages are added in current PR.