@renovate renovate bot commented Dec 10, 2025

This PR contains the following updates:

| Package | Type | Update | Change | OpenSSF |
|---|---|---|---|---|
| @actions/core (source) | dependencies | major | `^1.11.1` -> `^2.0.0` | OpenSSF Scorecard |

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.


Release Notes

actions/toolkit (@actions/core)

v2.0.1

v2.0.0


Configuration

📅 Schedule: Branch creation - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@cubic-dev-ai cubic-dev-ai bot left a comment

No issues found across 2 files

@renovate renovate bot force-pushed the renovate/actions-core-2.x branch from 99f3f2a to a0e1d2a Compare December 11, 2025 15:10
"@actions/cache": "^4.0.3",
"@actions/core": "^1.11.1",
"@actions/core": "^2.0.0",
"@actions/exec": "^1.1.1",
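Review bot: The `@actions/core` line jumps a major version while the neighbouring `@actions/cache` (`^4.0.3`) and `@actions/exec` (`^1.1.1`) ranges are left as they were, and the hunk gives no sign that the combination was checked. Before merging, list what the updated lockfile actually installs (with npm, `npm ls @actions/core @actions/exec`) so that any second major version of either package pulled in by a sibling is a known, accepted result rather than a surprise; if the siblings have releases built against the 2.x line, bump them in this PR. A caret range on a new major also accepts later 2.x releases automatically, so the lockfile entry, not this line, is what pins the code that runs in the workflow.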

Bug: The update to @actions/core v2.0.0 is incomplete, as the related dependency @actions/exec was not updated from v1.1.1 to v2.0.0, creating a version conflict.
Severity: CRITICAL | Confidence: High

🔍 Detailed Analysis

The pull request updates @actions/core to a new major version (v2.0.0) but fails to update the direct dependency @actions/exec from v1.1.1. The new version of @actions/core has an internal dependency on @actions/exec v2.0.0. This creates a version mismatch where calls to exec.exec() will resolve to the outdated v1.1.1, which was designed for Node.js 16. This can lead to runtime failures due to potential breaking API changes between major versions and incompatibility with the project's Node.js 20 runtime.

💡 Suggested Fix

In package.json, update the version of the @actions/exec dependency from ^1.1.1 to ^2.0.0 to align with the requirements of @actions/core v2.0.0 and ensure runtime compatibility.

🤖 Prompt for AI Agent
Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: package.json#L74

Potential issue: The pull request updates `@actions/core` to a new major version
(`v2.0.0`) but fails to update the direct dependency `@actions/exec` from `v1.1.1`. The
new version of `@actions/core` has an internal dependency on `@actions/exec` `v2.0.0`.
This creates a version mismatch where calls to `exec.exec()` will resolve to the
outdated `v1.1.1`, which was designed for Node.js 16. This can lead to runtime failures
due to potential breaking API changes between major versions and incompatibility with
the project's Node.js 20 runtime.

Did we get this right? 👍 / 👎 to inform future reviews.
Reference ID: 7145956
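
An added example, not part of the review comment or the repository: one way to see from an npm lockfile which packages end up installed at more than one major version after a bump like this one. The `sampleLock` object is constructed (lockfileVersion 3 layout, versions taken from the ranges quoted above, nesting assumed), and `packageName` and `findSplitMajors` are hypothetical helper names.

```javascript
// Constructed sample in npm lockfileVersion 3 layout (keys are install paths).
// Versions mirror the ranges quoted in the PR; the nesting is an assumption.
const sampleLock = {
  lockfileVersion: 3,
  packages: {
    '': { dependencies: { '@actions/core': '^2.0.0', '@actions/exec': '^1.1.1' } },
    'node_modules/@actions/core': { version: '2.0.0' },
    'node_modules/@actions/exec': { version: '1.1.1' },
    'node_modules/@actions/core/node_modules/@actions/exec': { version: '2.0.0' },
    'node_modules/@actions/io': { version: '1.1.3' },
  },
};

// Package name = everything after the last "node_modules/" in the install path.
function packageName(installPath) {
  const marker = 'node_modules/';
  const idx = installPath.lastIndexOf(marker);
  return idx === -1 ? null : installPath.slice(idx + marker.length);
}

// Return { name: [{ major, version, path }, ...] } for every package that is
// installed at more than one major version anywhere in the tree.
function findSplitMajors(lock) {
  const seen = new Map();
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    const name = packageName(path);
    // The root entry ('') and linked workspaces carry no usable name/version.
    if (!name || typeof meta.version !== 'string') continue;
    const major = Number.parseInt(meta.version.split('.')[0], 10);
    if (Number.isNaN(major)) continue;
    if (!seen.has(name)) seen.set(name, []);
    seen.get(name).push({ major, version: meta.version, path });
  }
  const report = {};
  for (const [name, copies] of seen) {
    if (new Set(copies.map((c) => c.major)).size > 1) {
      report[name] = copies.sort((a, b) => a.major - b.major);
    }
  }
  return report;
}

// Print one line per package that is split across major versions.
for (const [name, copies] of Object.entries(findSplitMajors(sampleLock))) {
  console.log(name, copies.map((c) => `${c.version} at ${c.path}`).join('; '));
}
```

Run against a real `package-lock.json` by passing the parsed file to `findSplitMajors`; an empty result means every package resolves to a single major version.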

Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot force-pushed the renovate/actions-core-2.x branch from a0e1d2a to 4f55200 Compare January 1, 2026 03:24