Bump @types/node from 20.11.28 to 24.2.0

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 20.11.28 to 24.2.0. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) --- updated-dependencies: - dependency-name: "@types/node" dependency-version: 24.2.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bump form-data to bring in fix for critical vulnerability (#618 )
2026-03-02 11:37:34 +08:00 · 2025-08-13 17:04:04 +00:00 · 2025-08-13 12:02:46 -05:00
9 changed files with 22 additions and 35 deletions
--- a/.licenses/npm/form-data-2.5.5.dep.yml
+++ b/.licenses/npm/form-data-2.5.5.dep.yml
@@ -4,7 +4,7 @@ version: 2.5.5
 type: npm
 summary: A library to create readable "multipart/form-data" streams. Can be used to
  submit forms and file uploads to other web applications.
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: License
--- a/.licenses/npm/form-data-4.0.4.dep.yml
+++ b/.licenses/npm/form-data-4.0.4.dep.yml
@@ -4,7 +4,7 @@ version: 4.0.4
 type: npm
 summary: A library to create readable "multipart/form-data" streams. Can be used to
  submit forms and file uploads to other web applications.
-homepage:
+homepage: 
 license: mit
 licenses:
 - sources: License
--- a/.licenses/npm/function-bind.dep.yml
+++ b/.licenses/npm/function-bind.dep.yml
@@ -29,4 +29,3 @@ licenses:
    THE SOFTWARE.

 notices: []
-...
--- a/package-lock.json
+++ b/package-lock.json
@@ -20,7 +20,7 @@
      },
      "devDependencies": {
        "@types/jest": "^29.5.14",
-        "@types/node": "^20.11.28",
+        "@types/node": "^24.2.1",
        "@types/semver": "^7.5.8",
        "@typescript-eslint/eslint-plugin": "^8.31.1",
        "@typescript-eslint/parser": "^8.35.1",
@@ -35,9 +35,6 @@
        "prettier": "^2.8.4",
        "ts-jest": "^29.3.2",
        "typescript": "^5.8.3"
-      },
-      "engines": {
-        "node": ">=24.0.0"
      }
    },
    "node_modules/@aashutoshrathi/word-wrap": {
@@ -1602,11 +1599,12 @@
      }
    },
    "node_modules/@types/node": {
-      "version": "20.11.28",
-      "resolved": "https://registry.npmjs.org/@types/node/-/node-20.11.28.tgz",
-      "integrity": "sha512-M/GPWVS2wLkSkNHVeLkrF2fD5Lx5UC4PxA0uZcKc6QqbIQUJyW1jVjueJYi1z8n0I5PxYrtpnPnWglE+y9A0KA==",
+      "version": "24.2.1",
+      "resolved": "https://registry.npmjs.org/@types/node/-/node-24.2.1.tgz",
+      "integrity": "sha512-DRh5K+ka5eJic8CjH7td8QpYEV6Zo10gfRkjHCO3weqZHWDtAaSTFtl4+VMqOJ4N5jcuhZ9/l+yy8rVgw7BQeQ==",
+      "license": "MIT",
      "dependencies": {
-        "undici-types": "~5.26.4"
+        "undici-types": "~7.10.0"
      }
    },
    "node_modules/@types/node-fetch": {
@@ -5976,9 +5974,10 @@
      }
    },
    "node_modules/undici-types": {
-      "version": "5.26.5",
-      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
-      "integrity": "sha512-JlCMO+ehdEIKqlFxk6IfVoAUVmgz7cU7zD/h9XZ0qzeosSHmUJVOzSQvvYSYWXkFXC+IfLKSIffhv0sVZup6pA=="
+      "version": "7.10.0",
+      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.10.0.tgz",
+      "integrity": "sha512-t5Fy/nfn+14LuOc2KNYg75vZqClpAiqscVvMygNnlsHBFpSXdJaYtXMcdNLpl/Qvc3P2cB3s6lOV51nqsFq4ag==",
+      "license": "MIT"
    },
    "node_modules/update-browserslist-db": {
      "version": "1.0.13",
--- a/package.json
+++ b/package.json
@@ -4,9 +4,6 @@
  "private": true,
  "description": "setup go action",
  "main": "lib/setup-go.js",
-   "engines": {
-    "node": ">=24.0.0"
-  },
  "scripts": {
    "build": "tsc && ncc build -o dist/setup src/setup-go.ts && ncc build -o dist/cache-save src/cache-save.ts",
    "format": "prettier --no-error-on-unmatched-pattern --config ./.prettierrc.js --write \"**/*.{ts,yml,yaml}\"",
@@ -39,7 +36,7 @@
  },
  "devDependencies": {
    "@types/jest": "^29.5.14",
-    "@types/node": "^20.11.28",
+    "@types/node": "^24.2.1",
    "@types/semver": "^7.5.8",
    "@typescript-eslint/eslint-plugin": "^8.31.1",
    "@typescript-eslint/parser": "^8.35.1",
--- a/src/installer.ts
+++ b/src/installer.ts
@@ -7,7 +7,6 @@ import * as sys from './system';
 import fs from 'fs';
 import os from 'os';
 import {StableReleaseAlias, isSelfHosted} from './utils';
-import {Architecture} from './types';

 const MANIFEST_REPO_OWNER = 'actions';
 const MANIFEST_REPO_NAME = 'go-versions';
@@ -40,7 +39,7 @@ export async function getGo(
  versionSpec: string,
  checkLatest: boolean,
  auth: string | undefined,
-  arch: Architecture = os.arch() as Architecture
+  arch = os.arch()
 ) {
  let manifest: tc.IToolRelease[] | undefined;
  const osPlat: string = os.platform();
@@ -152,7 +151,7 @@ async function resolveVersionFromManifest(
  versionSpec: string,
  stable: boolean,
  auth: string | undefined,
-  arch: Architecture,
+  arch: string,
  manifest: tc.IToolRelease[] | undefined
 ): Promise<string | undefined> {
  try {
@@ -354,7 +353,7 @@ export async function getInfoFromManifest(
  versionSpec: string,
  stable: boolean,
  auth: string | undefined,
-  arch: Architecture = os.arch() as Architecture,
+  arch = os.arch(),
  manifest?: tc.IToolRelease[] | undefined
 ): Promise<IGoVersionInfo | null> {
  let info: IGoVersionInfo | null = null;
@@ -380,7 +379,7 @@ export async function getInfoFromManifest(

 async function getInfoFromDist(
  versionSpec: string,
-  arch: Architecture
+  arch: string
 ): Promise<IGoVersionInfo | null> {
  const version: IGoVersion | undefined = await findMatch(versionSpec, arch);
  if (!version) {
@@ -399,7 +398,7 @@ async function getInfoFromDist(

 export async function findMatch(
  versionSpec: string,
-  arch: Architecture = os.arch() as Architecture
+  arch = os.arch()
 ): Promise<IGoVersion | undefined> {
  const archFilter = sys.getArch(arch);
  const platFilter = sys.getPlatform();
@@ -503,10 +502,7 @@ export function parseGoVersionFile(versionFilePath: string): string {
  return contents.trim();
 }

-async function resolveStableVersionDist(
-  versionSpec: string,
-  arch: Architecture
-) {
+async function resolveStableVersionDist(versionSpec: string, arch: string) {
  const archFilter = sys.getArch(arch);
  const platFilter = sys.getPlatform();
  const dlUrl = 'https://golang.org/dl/?mode=json&include=all';
--- a/src/main.ts
+++ b/src/main.ts
@@ -8,7 +8,6 @@ import {isCacheFeatureAvailable} from './cache-utils';
 import cp from 'child_process';
 import fs from 'fs';
 import os from 'os';
-import {Architecture} from './types';

 export async function run() {
  try {
@@ -21,10 +20,10 @@ export async function run() {
    const cache = core.getBooleanInput('cache');
    core.info(`Setup go version spec ${versionSpec}`);

-    let arch = core.getInput('architecture') as Architecture;
+    let arch = core.getInput('architecture');

    if (!arch) {
-      arch = os.arch() as Architecture;
+      arch = os.arch();
    }

    if (versionSpec) {
--- a/src/system.ts
+++ b/src/system.ts
@@ -1,5 +1,4 @@
 import os from 'os';
-import {Architecture} from './types';

 export function getPlatform(): string {
  // darwin and linux match already
@@ -16,7 +15,7 @@ export function getPlatform(): string {
  return plat;
 }

-export function getArch(arch: Architecture): string {
+export function getArch(arch: string): string {
  // 'arm', 'arm64', 'ia32', 'mips', 'mipsel', 'ppc', 'ppc64', 's390', 's390x', 'x32', and 'x64'.

  // wants amd64, 386, arm64, armv61, ppc641e, s390x
--- a/src/types.ts
+++ b/src/types.ts
@@ -1,2 +0,0 @@
-// match what @actions/tool-cache expects
-export type Architecture = string;