[Snyk] Fix for 1 vulnerabilities

[aliscco]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • node_modules/@actions/artifact/node_modules/@actions/http-client/package.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	658/1000 Why? Proof of Concept exploit, Recently disclosed, Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: jest

The new version differs by 250 commits.

• be16e47 v27.0.0
• 63102ec chore: update changelog for release
• 564694a docs(blog): Jest 27 blog post (#11131)
• b68d91b feat(pretty-print): add option `printBasicPrototype` (#11441)
• 2226742 chore: minor simplify format results error (#11432)
• 78eb25d chore: remove needless assign (#11433)
• 696c455 chore: update lockfile after publish
• e2eb9ae v27.0.0-next.11
• 3b253f8 Wait for closed resources to actually close before detecting open handles (#11429)
• 27bee72 fix: run GC before collecting open handles (#11278)
• 50451df feat: use fallback if prettier not found (#11400)
• 150dbd8 chore: update lockfile after publish
• 6f44529 v27.0.0-next.10
• cbcec7d Upgrade fsevents in jest-haste-map (#11428)
• 9633a26 feat: support reporters written in ESM (#11427)
• 59f42d8 fix: do not cache modules that throw during evaluation (#11263)
• 57e32e9 Detect open handles with done callbacks (#11382)
• a397607 Document and test dontThrow for custom inline snapshot matchers (#10995)
• 4fa3a0b feat: custom haste (#11107)
• 2047a36 chore: bump deps (#11419)
• a4358d6 chore: run prettier on changelog
• bdd6282 Move all default values into `jest-config` (#9924)
• db643a1 Link to Jest config (#11106)
• b16082c Fix locale issue #10014 (#11412)

See the full diff

Package name: ts-jest

The new version differs by 34 commits.

• bcf2697 Merge pull request [Snyk] Security upgrade lodash from 3.9.3 to 4.17.17 #1649 from kulshekhar/dependabot/npm_and_yarn/types/fs-extra-9.0.0
• 497f5c9 build(deps-dev): bump @ types/fs-extra from 8.1.0 to 9.0.0
• 35001a2 Merge pull request [Snyk] Security upgrade xo from 0.11.2 to 0.17.0 #1646 from ahnpnl/v26.0.0
• 1db8be5 chore(release): 26.0.0
• 47007f1 build(deps-dev): bump @ types/js-yaml from 3.12.3 to 3.12.4 ([Snyk] Fix for 1 vulnerabilities #1644)
• 9741de4 build(deps-dev): bump @ types/cross-spawn from 6.0.1 to 6.0.2 ([Snyk] Security upgrade grunt-eslint from 21.1.0 to 25.0.0 #1643)
• 6851b8e fix(compiler): return `undefined` for `getScriptVersion` when a file doesn't exist in memory cache ([Snyk] Security upgrade eslint from 3.19.0 to 9.0.0 #1641)
• 6b22e08 build(deps-dev): bump @ types/yargs from 15.0.4 to 15.0.5 ([Snyk] Security upgrade eslint from 5.16.0 to 9.0.0 #1638)
• b58064c Merge pull request [Snyk] Security upgrade eslint from 6.8.0 to 9.0.0 #1637 from kulshekhar/dependabot/npm_and_yarn/types/jest-25.2.2
• 5fc19c0 build(deps-dev): bump @ types/jest from 25.2.1 to 25.2.2
• ea56715 build(deps-dev): bump eslint-plugin-jsdoc from 25.4.0 to 25.4.1 ([Snyk] Security upgrade eslint from 4.19.1 to 9.0.0 #1640)
• b5dc7cb build(deps-dev): bump @ types/semver from 7.1.0 to 7.2.0 ([Snyk] Security upgrade eslint from 6.8.0 to 9.0.0 #1636)
• eab413e Merge pull request [Snyk] Security upgrade eslint from 7.32.0 to 9.0.0 #1634 from kulshekhar/dependabot/npm_and_yarn/eslint-plugin-jsdoc-25.4.0
• 01cb6e2 build(deps-dev): bump eslint-plugin-jsdoc from 25.3.0 to 25.4.0
• db084be build(deps-dev): bump @ typescript-eslint/eslint-plugin ([Snyk] Security upgrade eslint from 1.10.3 to 9.0.0 #1632)
• d203a54 build(deps-dev): bump @ typescript-eslint/parser from 2.32.0 to 2.33.0 ([Snyk] Security upgrade eslint from 6.8.0 to 9.0.0 #1631)
• 1eafa67 build(deps-dev): bump eslint-plugin-jsdoc from 25.2.1 to 25.3.0 ([Snyk] Security upgrade eslint from 6.8.0 to 9.0.0 #1629)
• e31656d build(deps-dev): bump eslint-plugin-jest from 23.10.0 to 23.11.0 ([Snyk] Security upgrade eslint from 6.8.0 to 9.0.0 #1628)
• c2b230f build(deps-dev): bump eslint-plugin-jsdoc from 25.2.0 to 25.2.1 ([Snyk] Security upgrade eslint from 6.8.0 to 9.0.0 #1627)
• c0265a4 build(deps-dev): bump @ typescript-eslint/parser from 2.31.0 to 2.32.0 ([Snyk] Security upgrade mocha from 3.5.3 to 4.0.0 #1625)
• 3c95725 build(deps-dev): bump @ typescript-eslint/eslint-plugin ([Snyk] Security upgrade eslint from 5.16.0 to 9.0.0 #1626)
• d90c034 build(deps-dev): bump eslint-plugin-jsdoc from 25.0.1 to 25.2.0 ([Snyk] Security upgrade eslint from 4.19.1 to 9.0.0 #1623)
• c402ee3 build(deps-dev): bump @ types/react from 16.9.34 to 16.9.35 ([Snyk] Security upgrade eslint from 4.19.1 to 9.0.0 #1622)
• bec1a0e docs: correct spelling mistake in index.md ([Snyk] Security upgrade eslint from 2.13.1 to 9.0.0 #1612)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)