Closed aifrak closed 2 years ago
Hi there and welcome to this repository!
A maintainer will be with you shortly, but first and foremost I would like to thank you for taking the time to report this issue. Quality is of the highest priority for us, and we would never release anything with known defects. We aim to do our best but unfortunately you are here because you encountered something we didn't expect. Lets see if we can figure out what went wrong and provide a remedy for it.
Hi @aifrak!
I'm dogfooding this action in my own repositories as well, and yesterday received issues of the same nature. I can assure you that the security issues relating to this codebase has only affected the dev dependencies, not the dependencies downloaded when the action is running in a workflow, but nevertheless I will create a new release in the upcoming days.
Thanks for notifying me regarding this issue.
There's a new release available, and the git tag v2
has been updated to reflect that as well.
Thanks for reporting the issue!
Hello,
Someone recently opened an issue on my repo regarding your security update related to
tmpl
.Since this security update was done after the
v2.1.0
, I currently am pointing to this commit sha instead of usingmaster
,v2
orv2.1.0
.Would it be fine for you to cut a release in order to include the commit 0dd479f24c62cdbbbce52c7f2ee4277c778cae06?