fix: Security updates by github-actions[bot] · Pull Request #248 · step-security/paths-filter

StepSecurity Required Checks

Finished StepSecurity Required Checks

NPM Package Cooldown Check - Fails if any package version in the PR was released within the configured cooldown period, helping to avoid brand-new (and potentially unreviewed or malicious) releases
PyPI Package Cooldown Check - Fails if any PyPI package version in the PR was released within the configured cooldown period
Maven Compromised Packages Check - Checks for compromised Maven package versions in the PR
Maven Package Cooldown Check - Fails if any Maven package version in the PR was released within the configured cooldown period
Script Injection Check - Checks for script injection vulnerabilities in the PR
NPM Compromised Packages Check - Checks for compromised npm package versions in the PR
PyPI Compromised Packages Check - Checks for compromised PyPI package versions in the PR
Pwn Request Vulnerabilities Check - Checks for Pwn Request vulnerabilities in the PR via risky triggers

✅ Maven Compromised Packages Check

No compromised Maven package versions found in current PR.

✅ Script Injection Vulnerabilities Check

No Script Injection vulnerabilities found in this PR.

✅ PyPI Compromised Packages Check

No compromised PyPI package versions found in current PR.

✅ Maven Package Cooldown Check

No Maven package upgrades to recent releases found in current PR.

✅ PyPI Package Cooldown Check

No PyPI package upgrades to recent releases found in current PR.

✅ Pwn Request Vulnerabilities Check

No Pwn Request vulnerabilities found in this PR.

✅ NPM Compromised Packages Check

No Compromised npm packages are added in current PR.

✅ NPM Package Cooldown Check

No npm package upgrades to recent releases found in current PR.

The following npm packages are inspected in current PR

Package Name	Previous Version	Current Version	file	Current Version Release Date
semver	7.7.3	7.8.5	package-lock.json	2026-06-19T18:32:48Z
electron-to-chromium	1.4.644	1.5.376	package-lock.json	2026-06-19T02:02:43Z
node-releases	2.0.14	2.0.48	package-lock.json	2026-06-18T04:36:52Z
baseline-browser-mapping		2.10.38	package-lock.json	2026-06-17T16:56:25Z
form-data	4.0.5	4.0.6	package-lock.json	2026-06-12T17:37:53Z
caniuse-lite	1.0.30001579	1.0.30001799	package-lock.json	2026-06-11T09:52:12Z
js-yaml	4.1.1	4.2.0	package-lock.json	2026-05-31T22:17:13Z
hasown	2.0.2	2.0.4	package-lock.json	2026-05-28T18:11:39Z
@babel/helper-module-transforms	7.23.3	7.29.7	package-lock.json	2026-05-25T11:16:43Z
@babel/helper-module-imports	7.22.15	7.29.7	package-lock.json	2026-05-25T11:16:37Z
@babel/helpers	7.27.0	7.29.7	package-lock.json	2026-05-25T11:16:28Z
@babel/template	7.27.0	7.29.7	package-lock.json	2026-05-25T11:16:25Z
@babel/generator	7.23.6	7.29.7	package-lock.json	2026-05-25T11:16:23Z
@babel/parser	7.27.0	7.29.7	package-lock.json	2026-05-25T11:16:19Z
@babel/types	7.27.0	7.29.7	package-lock.json	2026-05-25T11:16:16Z
@babel/code-frame	7.26.2	7.29.7	package-lock.json	2026-05-25T11:15:38Z
@babel/helper-compilation-targets	7.23.6	7.29.7	package-lock.json	2026-05-25T11:15:38Z
@babel/helper-validator-option	7.23.5	7.29.7	package-lock.json	2026-05-25T11:15:32Z
@babel/helper-validator-identifier	7.25.9	7.29.7	package-lock.json	2026-05-25T11:15:31Z
@babel/helper-string-parser	7.25.9	7.29.7	package-lock.json	2026-05-25T11:15:30Z
@babel/helper-globals		7.29.7	package-lock.json	2026-05-25T11:15:30Z
@babel/compat-data	7.23.5	7.29.7	package-lock.json	2026-05-25T11:15:28Z
ts-jest	29.4.5	29.4.11	package-lock.json	2026-05-21T13:49:09Z
browserslist	4.22.2	4.28.2	package-lock.json	2026-03-31T10:24:52Z
update-browserslist-db	1.0.13	1.2.3	package-lock.json	2025-12-16T15:17:57Z
@jridgewell/trace-mapping	0.3.22	0.3.31	package-lock.json	2025-09-10T20:12:49Z
@jridgewell/sourcemap-codec	1.4.15	1.5.5	package-lock.json	2025-08-12T06:43:59Z
@jridgewell/remapping		2.3.5	package-lock.json	2025-08-12T06:43:35Z
@jridgewell/gen-mapping	0.3.3	0.3.13	package-lock.json	2025-08-12T06:43:21Z
jsesc	2.5.2	3.1.0	package-lock.json	2024-12-11T08:24:34Z
picocolors	1.0.0	1.1.1	package-lock.json	2024-10-16T18:20:03Z
escalade	3.1.1	3.2.0	package-lock.json	2024-08-29T22:59:36Z

⏲️ History

Previous invocation results of same check:

✅ Maven Package Cooldown Check

No Maven package upgrades to recent releases found in current PR.

✅ Pwn Request Vulnerabilities Check

No Pwn Request vulnerabilities found in this PR.

✅ PyPI Compromised Packages Check

No compromised PyPI package versions found in current PR.

✅ Script Injection Vulnerabilities Check

No Script Injection vulnerabilities found in this PR.

✅ PyPI Package Cooldown Check

No PyPI package upgrades to recent releases found in current PR.

✅ Maven Compromised Packages Check

No compromised Maven package versions found in current PR.

✅ NPM Compromised Packages Check

No Compromised npm packages are added in current PR.

✅ NPM Package Cooldown Check

No npm package upgrades to recent releases found in current PR.

The following npm packages are inspected in current PR

Package Name	Previous Version	Current Version	file	Current Version Release Date
semver	7.7.3	7.8.5	package-lock.json	2026-06-19T18:32:48Z
electron-to-chromium	1.4.644	1.5.376	package-lock.json	2026-06-19T02:02:43Z
node-releases	2.0.14	2.0.48	package-lock.json	2026-06-18T04:36:52Z
baseline-browser-mapping		2.10.38	package-lock.json	2026-06-17T16:56:25Z
form-data	4.0.5	4.0.6	package-lock.json	2026-06-12T17:37:53Z
caniuse-lite	1.0.30001579	1.0.30001799	package-lock.json	2026-06-11T09:52:12Z
js-yaml	4.1.1	4.2.0	package-lock.json	2026-05-31T22:17:13Z
hasown	2.0.2	2.0.4	package-lock.json	2026-05-28T18:11:39Z
@babel/helper-module-transforms	7.23.3	7.29.7	package-lock.json	2026-05-25T11:16:43Z
@babel/helper-module-imports	7.22.15	7.29.7	package-lock.json	2026-05-25T11:16:37Z
@babel/helpers	7.27.0	7.29.7	package-lock.json	2026-05-25T11:16:28Z
@babel/template	7.27.0	7.29.7	package-lock.json	2026-05-25T11:16:25Z
@babel/generator	7.23.6	7.29.7	package-lock.json	2026-05-25T11:16:23Z
@babel/parser	7.27.0	7.29.7	package-lock.json	2026-05-25T11:16:19Z
@babel/types	7.27.0	7.29.7	package-lock.json	2026-05-25T11:16:16Z
@babel/code-frame	7.26.2	7.29.7	package-lock.json	2026-05-25T11:15:38Z
@babel/helper-compilation-targets	7.23.6	7.29.7	package-lock.json	2026-05-25T11:15:38Z
@babel/helper-validator-option	7.23.5	7.29.7	package-lock.json	2026-05-25T11:15:32Z
@babel/helper-validator-identifier	7.25.9	7.29.7	package-lock.json	2026-05-25T11:15:31Z
@babel/helper-string-parser	7.25.9	7.29.7	package-lock.json	2026-05-25T11:15:30Z
@babel/helper-globals		7.29.7	package-lock.json	2026-05-25T11:15:30Z
@babel/compat-data	7.23.5	7.29.7	package-lock.json	2026-05-25T11:15:28Z
ts-jest	29.4.5	29.4.11	package-lock.json	2026-05-21T13:49:09Z
browserslist	4.22.2	4.28.2	package-lock.json	2026-03-31T10:24:52Z
update-browserslist-db	1.0.13	1.2.3	package-lock.json	2025-12-16T15:17:57Z
@jridgewell/trace-mapping	0.3.22	0.3.31	package-lock.json	2025-09-10T20:12:49Z
@jridgewell/sourcemap-codec	1.4.15	1.5.5	package-lock.json	2025-08-12T06:43:59Z
@jridgewell/remapping		2.3.5	package-lock.json	2025-08-12T06:43:35Z
@jridgewell/gen-mapping	0.3.3	0.3.13	package-lock.json	2025-08-12T06:43:21Z
jsesc	2.5.2	3.1.0	package-lock.json	2024-12-11T08:24:34Z
picocolors	1.0.0	1.1.1	package-lock.json	2024-10-16T18:20:03Z
escalade	3.1.1	3.2.0	package-lock.json	2024-08-29T22:59:36Z

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix: Security updates#248

fix: Security updates#248
anurag-stepsecurity merged 2 commits into
mainfrom
npm-audit-fix

Uh oh!

StepSecurity Required Checks

Details

The following npm packages are inspected in current PR

The following npm packages are inspected in current PR

Re-running checks...

Uh oh!

fix: apply audit fixes

Uh oh!

StepSecurity Required Checks

Details

The following npm packages are inspected in current PR

The following npm packages are inspected in current PR

Re-running checks...