Skip to content

Update @actions/cache to 5.1.0 and add security overrides for undici and fast-xml-parser#1579

Open
HarithaVattikuti wants to merge 4 commits into
releases/v6from
cacheupdate
Open

Update @actions/cache to 5.1.0 and add security overrides for undici and fast-xml-parser#1579
HarithaVattikuti wants to merge 4 commits into
releases/v6from
cacheupdate

Conversation

@HarithaVattikuti

Copy link
Copy Markdown
Contributor

Changes

  • Update @actions/cache from ^5.0.5 to 5.1.0
  • Add npm overrides to pin transitive dependencies to secure versions:
    • undici: ^6.24.1 (resolves to 6.27.0) — addresses CVEs in undici <6.x
    • fast-xml-parser: ^5.9.2 (resolves to 5.9.3)
  • Update .licenses/npm/ dep.yml files via licensed cache to reflect new resolved versions
  • npm audit reports 0 vulnerabilities

@HarithaVattikuti HarithaVattikuti requested a review from a team as a code owner July 8, 2026 22:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant