fix: package.json & yarn.lock to reduce vulnerabilities

snyk-bot · web-flow · commit 334a72c2a94f · 2020-10-03T06:48:28.000-07:00
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-ACTIONSCORE-1015402
diff --git a/package.json b/package.json
@@ -24,7 +24,7 @@
   "author": "Victor Navarro <victor@vnavarro.com>",
   "license": "MIT",
   "dependencies": {
-    "@actions/core": "1.2.5",
+    "@actions/core": "1.2.6",
     "@actions/exec": "1.0.4",
     "@actions/github": "4.0.0",
     "yaml": "1.10.0"
diff --git a/yarn.lock b/yarn.lock
@@ -2,10 +2,10 @@
 # yarn lockfile v1
 
 
-"@actions/core@1.2.5":
-  version "1.2.5"
-  resolved "https://registry.yarnpkg.com/@actions/core/-/core-1.2.5.tgz#fa57bf8c07a38191e243beb9ea9d8368c1cb02c8"
-  integrity sha512-mwpoNjHSWWh0IiALdDEQi3tru124JKn0yVNziIBzTME8QRv7thwoghVuT1jBRjFvdtoHsqD58IRHy1nf86paRg==
+"@actions/core@1.2.6":
+  version "1.2.6"
+  resolved "https://registry.yarnpkg.com/@actions/core/-/core-1.2.6.tgz#a78d49f41a4def18e88ce47c2cac615d5694bf09"
+  integrity sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA==
 
 "@actions/exec@1.0.4":
   version "1.0.4"
