Skip to content

chore: bump surefire-report-summary action and test workflow to Node 24#98

Open
sr4850 wants to merge 7 commits into
mainfrom
fix/sureFireBumpNode
Open

chore: bump surefire-report-summary action and test workflow to Node 24#98
sr4850 wants to merge 7 commits into
mainfrom
fix/sureFireBumpNode

Conversation

@sr4850

@sr4850 sr4850 commented Jul 3, 2026

Copy link
Copy Markdown
Contributor

Description

Related issue: JIRA_TICKET_NUMBER

Before submitting (or marking as "ready for review")

  • Does the pull request title follow the conventional commit specification?
  • Have you performed a self-review of the code
  • Have you have added tests that prove the fix or feature is effective and working
  • Did you make sure to update any documentation relating to this change?

Comment on lines 18 to 19
- uses: actions/checkout@v4
- uses: actions/setup-node@v4

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i think there are newer versions of these

@adamjgriffith

adamjgriffith commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

@sr4850 this action looks to also be responsible for 27/29 of the vulnerabilities flagged on this repository, could we update the https://github.com/dvsa/.github/blob/main/.github/actions/surefire-report-summary/package.json to resolve these?

sr4850 and others added 3 commits July 6, 2026 13:39
This reverts commit df2e2f5.
- Bump @xmldom/xmldom to ^0.9.10 (fixes 5 HIGH CVEs)
- Bump js-yaml to ^4.3.0, @actions/core to ^1.11.1
- Bump @typescript-eslint/* to ^7.18.0, eslint to ^8.57.1
- Bump eslint-plugin-github to ^5.1.8, eslint-plugin-jest to ^28.14.0
- Add npm overrides for transitive CVEs (undici, minimatch,
  brace-expansion, cross-spawn, picomatch, uuid, ajv, flatted,
  micromatch, @babel/core, @babel/helpers)
- Adapt reader.ts to xmldom 0.9 typing (documentElement is nullable)
  and its new error behavior on invalid XML

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@sr4850 sr4850 requested a review from adamjgriffith July 6, 2026 14:52
Comment thread .github/actions/surefire-report-summary/action.yaml
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants