diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8114f84a..ddd4e082 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -25,7 +25,7 @@ jobs: environment: npm permissions: id-token: write # Required for OIDC - contents: write + contents: read steps: - uses: DataDog/dd-octo-sts-action@acaa02eee7e3bb0839e4272dacb37b8f3b58ba80 # v1.0.3 id: octo-sts @@ -33,8 +33,10 @@ jobs: scope: DataDog/pprof-nodejs policy: self.github.release.push-tags - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - - uses: actions/download-artifact@v4 - - uses: actions/setup-node@v3 + with: + persist-credentials: false # drop GITHUB_TOKEN so the dd-octo-sts token is used for the tag push + - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + - uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3.9.1 with: node-version: '24' registry-url: 'https://registry.npmjs.org' @@ -58,8 +60,8 @@ jobs: contents: read steps: - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 - - uses: actions/download-artifact@v4 - - uses: actions/setup-node@v3 + - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0 + - uses: actions/setup-node@3235b876344d2a9aa001b8d1453c930bba69e610 # v3.9.1 with: node-version: '24' registry-url: 'https://registry.npmjs.org' diff --git a/package-lock.json b/package-lock.json index 3674a317..1d4d7210 100644 --- a/package-lock.json +++ b/package-lock.json @@ -1,22 +1,22 @@ { "name": "@datadog/pprof", - "version": "5.14.3", + "version": "5.14.4", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@datadog/pprof", - "version": "5.14.3", + "version": "5.14.4", "hasInstallScript": true, "license": "Apache-2.0", "dependencies": { - "node-gyp-build": "<5.0", + "node-gyp-build": "^4.8.4", "pprof-format": "^2.2.1", "source-map": "^0.7.4" }, "devDependencies": { "@types/mocha": "^10.0.1", - "@types/node": "25.7.0", + "@types/node": "25.9.1", "@types/semver": "^7.5.8", "@types/sinon": "^21.0.1", "@types/tmp": "^0.2.3", @@ -936,13 +936,13 @@ "license": "MIT" }, "node_modules/@types/node": { - "version": "25.7.0", - "resolved": "https://registry.npmjs.org/@types/node/-/node-25.7.0.tgz", - "integrity": "sha512-z+pdZyxE+RTQE9AcboAZCb4otwcrvgHD+GlBpPgn0emDVt0ohrTMhAwlr2Wd9nZ+nihhYFxO2pThz3C5qSu2Eg==", + "version": "25.9.1", + "resolved": "https://registry.npmjs.org/@types/node/-/node-25.9.1.tgz", + "integrity": "sha512-xfrlY7UD5rMJk3ZVJP8BNzS28J36YJg+xp+LPXV1TdWxr8uMH5A860QNxYDGQe/ylDSgjxE52Q9VnO7p75tJxg==", "dev": true, "license": "MIT", "dependencies": { - "undici-types": "~7.21.0" + "undici-types": ">=7.24.0 <7.24.7" } }, "node_modules/@types/normalize-package-data": { @@ -6314,9 +6314,9 @@ } }, "node_modules/undici-types": { - "version": "7.21.0", - "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.21.0.tgz", - "integrity": "sha512-w9IMgQrz4O0YN1LtB7K5P63vhlIOvC7opSmouCJ+ZywlPAlO9gIkJ+otk6LvGpAs2wg4econaCz3TvQ9xPoyuQ==", + "version": "7.24.6", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.24.6.tgz", + "integrity": "sha512-WRNW+sJgj5OBN4/0JpHFqtqzhpbnV0GuB+OozA9gCL7a993SmU+1JBZCzLNxYsbMfIeDL+lTsphD5jN5N+n0zg==", "dev": true, "license": "MIT" }, diff --git a/package.json b/package.json index 3f45375b..6daa1175 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@datadog/pprof", - "version": "5.14.3", + "version": "5.14.4", "description": "pprof support for Node.js", "repository": { "type": "git", @@ -36,13 +36,13 @@ }, "license": "Apache-2.0", "dependencies": { - "node-gyp-build": "<5.0", + "node-gyp-build": "^4.8.4", "pprof-format": "^2.2.1", "source-map": "^0.7.4" }, "devDependencies": { "@types/mocha": "^10.0.1", - "@types/node": "25.7.0", + "@types/node": "25.9.1", "@types/semver": "^7.5.8", "@types/sinon": "^21.0.1", "@types/tmp": "^0.2.3",