Bump @types/node from 24.0.10 to 24.0.13 in the actions group

Bumps the actions group with 1 update: [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node).


Updates `@types/node` from 24.0.10 to 24.0.13
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-version: 24.0.13
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/defaultLabels.yml

@@ -13,7 +13,7 @@ jobs:
 
       # Steps represent a sequence of tasks that will be executed as part of the job
       steps:
-         - uses: actions/stale@v9
+         - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 #v9.1.0
            name: Setting issue as idle
            with:
               repo-token: ${{ secrets.GITHUB_TOKEN }}
@@ -24,7 +24,7 @@ jobs:
               operations-per-run: 100
               exempt-issue-labels: 'backlog'
 
-         - uses: actions/stale@v9
+         - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 #v9.1.0
            name: Setting PR as idle
            with:
               repo-token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/integration-tests.yml

@@ -15,7 +15,7 @@ jobs:
          PR_BASE_REF: ${{ github.event.pull_request.base.ref }}
       steps:
          - name: Check out repository
-           uses: actions/checkout@v4
+           uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
          - name: npm install and build
            id: action-npm-build
            run: |

.github/workflows/prettify-code.yml

@@ -10,9 +10,7 @@ jobs:
       runs-on: ubuntu-latest
       steps:
          - name: Checkout Repository
-           uses: actions/checkout@v4
+           uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
          - name: Enforce Prettier
-           uses: actionsx/prettier@v3
-           with:
-              args: --check .
+           run: npx prettier --check .

.github/workflows/release-pr.yml

@@ -13,6 +13,6 @@ jobs:
       permissions:
          actions: read
          contents: write
-      uses: Azure/action-release-workflows/.github/workflows/release_js_project.yaml@v1
+      uses: Azure/action-release-workflows/.github/workflows/release_js_project.yaml@3c677ba5ab58f5c5c1a6f0cfb176b333b1f27405 # v1.0.3
       with:
          changelogPath: ./CHANGELOG.md

.github/workflows/tag-and-draft.yml

@@ -7,4 +7,4 @@ on:
 
 jobs:
    tag-and-release:
-      uses: OliverMKing/javascript-release-workflow/.github/workflows/tag-and-release.yml@main
+      uses: OliverMKing/javascript-release-workflow/.github/workflows/tag-and-release.yml@c753e1545b144562237cd1177a95bab21a785cff # main

.github/workflows/unit-tests.yml

@@ -13,7 +13,7 @@ jobs:
    build: # make sure build/ci works properly
       runs-on: ubuntu-latest
       steps:
-         - uses: actions/checkout@v4
+         - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
          - name: Run L0 tests.
            run: |

.husky/pre-commit

@@ -0,0 +1,7 @@
+npm test
+npm run format-check || {
+  echo ""
+  echo "❌ Formatting check failed."
+  echo "💡 Run 'npm run format' or 'prettier --write .' to fix formatting issues."
+  exit 1
+}

CHANGELOG.md

@@ -2,18 +2,18 @@
 
 ## [4.3.0] - 2025-02-15
 
--  #152 feat: log when restoring from cache
--  #157 Dependencies Update
--  #137 Add dependabot
+- #152 feat: log when restoring from cache
+- #157 Dependencies Update
+- #137 Add dependabot
 
 ## [4.2.0] - 2024-04-15
 
--  #124 Fix OS detection and download OS-native archive extension
+- #124 Fix OS detection and download OS-native archive extension
 
 ## [4.1.0] - 2024-03-01
 
--  #130 switches to use Helm published file to read latest version instead of using GitHub releases
+- #130 switches to use Helm published file to read latest version instead of using GitHub releases
 
 ## [4.0.0] - 2024-02-12
 
--  #121 update to node20 as node16 is deprecated
+- #121 update to node20 as node16 is deprecated

CODE_OF_CONDUCT.md

@@ -4,6 +4,6 @@ This project has adopted the [Microsoft Open Source Code of Conduct](https://ope
 
 Resources:
 
--  [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
--  [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
--  Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns
+- [Microsoft Open Source Code of Conduct](https://opensource.microsoft.com/codeofconduct/)
+- [Microsoft Code of Conduct FAQ](https://opensource.microsoft.com/codeofconduct/faq/)
+- Contact [opencode@microsoft.com](mailto:opencode@microsoft.com) with questions or concerns

SECURITY.md

@@ -18,13 +18,13 @@ You should receive a response within 24 hours. If for some reason you do not, pl
 
 Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
 
--  Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
--  Full paths of source file(s) related to the manifestation of the issue
--  The location of the affected source code (tag/branch/commit or direct URL)
--  Any special configuration required to reproduce the issue
--  Step-by-step instructions to reproduce the issue
--  Proof-of-concept or exploit code (if possible)
--  Impact of the issue, including how an attacker might exploit the issue
+- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+- Full paths of source file(s) related to the manifestation of the issue
+- The location of the affected source code (tag/branch/commit or direct URL)
+- Any special configuration required to reproduce the issue
+- Step-by-step instructions to reproduce the issue
+- Proof-of-concept or exploit code (if possible)
+- Impact of the issue, including how an attacker might exploit the issue
 
 This information will help us triage your report more quickly.
 

package.json

@@ -10,8 +10,8 @@
       "@actions/exec": "^1.1.1",
       "@actions/io": "^1.1.2",
       "@actions/tool-cache": "2.0.2",
-      "@octokit/action": "^7.0.0",
-      "semver": "^7.7.1"
+      "@octokit/action": "^8.0.2",
+      "semver": "^7.7.2"
    },
    "main": "lib/index.js",
    "scripts": {
@@ -20,15 +20,17 @@
       "test": "jest",
       "test-coverage": "jest --coverage",
       "format": "prettier --write .",
-      "format-check": "prettier --check ."
+      "format-check": "prettier --check .",
+      "prepare": "husky"
    },
    "devDependencies": {
-      "@types/jest": "^29.5.14",
-      "@types/node": "^22.13.1",
+      "@types/jest": "^30.0.0",
+      "@types/node": "^24.0.13",
       "@vercel/ncc": "^0.38.3",
-      "jest": "^29.7.0",
-      "prettier": "^3.5.0",
-      "ts-jest": "^29.2.5",
-      "typescript": "^5.7.3"
+      "husky": "^9.1.7",
+      "jest": "^30.0.4",
+      "prettier": "^3.6.2",
+      "ts-jest": "^29.4.0",
+      "typescript": "^5.8.3"
    }
 }

src/run.test.ts

@@ -99,20 +99,20 @@ describe('run.ts', () => {
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
          if (file == 'mainFolder')
             return [
-               'file1' as unknown as fs.Dirent,
-               'file2' as unknown as fs.Dirent,
-               'folder1' as unknown as fs.Dirent,
-               'folder2' as unknown as fs.Dirent
+               'file1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'folder1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'folder2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          if (file == path.join('mainFolder', 'folder1'))
             return [
-               'file11' as unknown as fs.Dirent,
-               'file12' as unknown as fs.Dirent
+               'file11' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file12' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          if (file == path.join('mainFolder', 'folder2'))
             return [
-               'file21' as unknown as fs.Dirent,
-               'file22' as unknown as fs.Dirent
+               'file21' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file22' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          return []
       })
@@ -134,20 +134,20 @@ describe('run.ts', () => {
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
          if (file == 'mainFolder')
             return [
-               'file1' as unknown as fs.Dirent,
-               'file2' as unknown as fs.Dirent,
-               'folder1' as unknown as fs.Dirent,
-               'folder2' as unknown as fs.Dirent
+               'file1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'folder1' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'folder2' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          if (file == path.join('mainFolder', 'folder1'))
             return [
-               'file11' as unknown as fs.Dirent,
-               'file12' as unknown as fs.Dirent
+               'file11' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file12' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          if (file == path.join('mainFolder', 'folder2'))
             return [
-               'file21' as unknown as fs.Dirent,
-               'file22' as unknown as fs.Dirent
+               'file21' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>,
+               'file22' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
             ]
          return []
       })
@@ -166,7 +166,8 @@ describe('run.ts', () => {
    test('findHelm() - change access permissions and find the helm in given directory', () => {
       jest.spyOn(fs, 'chmodSync').mockImplementation(() => {})
       jest.spyOn(fs, 'readdirSync').mockImplementation((file, _) => {
-         if (file == 'mainFolder') return ['helm.exe' as unknown as fs.Dirent]
+         if (file == 'mainFolder')
+            return ['helm.exe' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>]
          return []
       })
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
@@ -208,7 +209,9 @@ describe('run.ts', () => {
       jest.spyOn(toolCache, 'cacheDir').mockResolvedValue('pathToCachedDir')
       jest
          .spyOn(fs, 'readdirSync')
-         .mockImplementation((file, _) => ['helm.exe' as unknown as fs.Dirent])
+         .mockImplementation((file, _) => [
+            'helm.exe' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+         ])
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
          const isDirectory =
             (file as string).indexOf('folder') == -1 ? false : true
@@ -254,7 +257,9 @@ describe('run.ts', () => {
       jest.spyOn(fs, 'chmodSync').mockImplementation(() => {})
       jest
          .spyOn(fs, 'readdirSync')
-         .mockReturnValue(['helm.exe' as unknown as fs.Dirent])
+         .mockReturnValue([
+            'helm.exe' as unknown as fs.Dirent<Buffer<ArrayBufferLike>>
+         ])
       jest.spyOn(fs, 'statSync').mockImplementation((file) => {
          const isDirectory =
             (file as string).indexOf('folder') == -1 ? false : true