@actions/cache - npm Package Compare versions

Comparing version 3.1.2 to 3.1.3

lib/internal/tar.js

@@ -20,3 +20,2 @@ "use strict";
 const exec_1 = require("@actions/exec");
-const core_1 = require("@actions/core");
 const io = __importStar(require("@actions/io"));
@@ -28,3 +27,2 @@ const fs_1 = require("fs");
 const IS_WINDOWS = process.platform === 'win32';
-core_1.exportVariable('MSYS', 'winsymlinks:nativestrict');
 // Returns tar path and type: BSD or GNU
@@ -219,3 +217,6 @@ function getTarPath() {
             try {
-                yield exec_1.exec(command, undefined, { cwd });
+                yield exec_1.exec(command, undefined, {
+                    cwd,
+                    env: Object.assign(Object.assign({}, process.env), { MSYS: 'winsymlinks:nativestrict' })
+                });
             }
@@ -222,0 +223,0 @@ catch (error) {

package.json

 {
   "name": "@actions/cache",
-  "version": "3.1.2",
+  "version": "3.1.3",
   "preview": true,
@@ -5,0 +5,0 @@ "description": "Actions cache lib",

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

112299

increased by0.05%

Lines of code

1587

increased by0.06%

Worsened metrics

Number of low supply chain risk alerts

16

increased by6.67%

No dependency changes