.

.github/dependabot.yml

@@ -1,20 +0,0 @@
----
-version: 2
-
-updates:
-- package-ecosystem: "npm"
-  directory: "/"
-  schedule:
-    interval: "weekly"
-  groups:
-    minor-npm-dependencies:
-      # NPM: Only group minor and patch updates (we want to carefully review major updates)
-      update-types: [minor, patch]
-- package-ecosystem: "github-actions"
-  directory: "/"
-  schedule:
-    interval: "weekly"
-  groups:
-    minor-actions-dependencies:
-      # GitHub Actions: Only group minor and patch updates (we want to carefully review major updates)
-      update-types: [minor, patch]

.github/workflows/check-dist.yml

@@ -22,10 +22,10 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v3
 
       - name: Set Node.js 20.x
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v1
         with:
           node-version: 20.x
 
@@ -44,7 +44,7 @@ jobs:
           fi
 
       # If dist/ was different than expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@v4
+      - uses: actions/upload-artifact@v2
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
         with:
           name: dist

.github/workflows/codeql-analysis.yml

@@ -39,10 +39,10 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4.1.6
+      uses: actions/checkout@v3
 
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v2
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -55,4 +55,4 @@ jobs:
     - run: rm -rf dist # We want code scanning to analyze lib instead (individual .js files)
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v2

.github/workflows/licensed.yml

@@ -9,6 +9,6 @@ jobs:
     runs-on: ubuntu-latest
     name: Check licenses
     steps:
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v3
       - run: npm ci
       - run: npm run licensed-check

.github/workflows/publish-immutable-actions.yml

@@ -1,20 +0,0 @@
-name: 'Publish Immutable Action Version'
-
-on:
-  release:
-    types: [published]
-
-jobs:
-  publish:
-    runs-on: ubuntu-latest
-    permissions:
-      contents: read
-      id-token: write
-      packages: write
-
-    steps:
-      - name: Checking out
-        uses: actions/checkout@v4
-      - name: Publish
-        id: publish
-        uses: actions/publish-immutable-action@v0.0.4

.github/workflows/test.yml

@@ -7,19 +7,14 @@ on:
       - main
       - releases/*
 
-
-# Note that when you see patterns like "ref: test-data/v2/basic" within this workflow,
-# these refer to "test-data" branches on this actions/checkout repo.
-# (For example, test-data/v2/basic -> https://github.com/actions/checkout/tree/test-data/v2/basic)
-
 jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/setup-node@v4
+      - uses: actions/setup-node@v1
         with:
           node-version: 20.x
-      - uses: actions/checkout@v4.1.6
+      - uses: actions/checkout@v3
       - run: npm ci
       - run: npm run build
       - run: npm run format-check
@@ -37,7 +32,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v3
 
       # Basic checkout
       - name: Checkout basic
@@ -100,16 +95,6 @@ jobs:
       - name: Verify sparse checkout
         run: __test__/verify-sparse-checkout.sh
 
-      # Disabled sparse checkout in existing checkout
-      - name: Disabled sparse checkout
-        uses: ./
-        with:
-          path: sparse-checkout
-
-      - name: Verify disabled sparse checkout
-        shell: bash
-        run: set -x && ls -l sparse-checkout/src/git-command-manager.ts
-
       # Sparse checkout (non-cone mode)
       - name: Sparse checkout (non-cone mode)
         uses: ./
@@ -190,7 +175,7 @@ jobs:
   test-proxy:
     runs-on: ubuntu-latest
     container:
-      image: ghcr.io/actions/test-ubuntu-git:main.20240221.114913.703z
+      image: alpine/git:latest
       options: --dns 127.0.0.1
     services:
       squid-proxy:
@@ -202,7 +187,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v3
 
       # Basic checkout using git
       - name: Checkout basic
@@ -234,7 +219,7 @@ jobs:
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v3
 
       # Basic checkout using git
       - name: Checkout basic
@@ -257,20 +242,20 @@ jobs:
           path: basic
       - name: Verify basic
         run: __test__/verify-basic.sh --archive
-
+    
   test-git-container:
     runs-on: ubuntu-latest
     container: bitnami/git:latest
     steps:
       # Clone this repo
       - name: Checkout
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v3
         with:
-          path: localClone
+          path: v3
 
       # Basic checkout using git
       - name: Checkout basic
-        uses: ./localClone
+        uses: ./v3
         with:
           ref: test-data/v2/basic
       - name: Verify basic
@@ -291,41 +276,7 @@ jobs:
           git fetch --no-tags --depth=1 origin +refs/heads/main:refs/remotes/origin/main
 
       # needed to make checkout post cleanup succeed
-      - name: Fix Checkout v4
+      - name: Fix Checkout v3
-        uses: actions/checkout@v4.1.6
+        uses: actions/checkout@v3
         with:
-          path: localClone
+          path: v3
-
-  test-output:
-    runs-on: ubuntu-latest
-    steps:
-      # Clone this repo
-      - name: Checkout
-        uses: actions/checkout@v4.1.6
-
-      # Basic checkout using git
-      - name: Checkout basic
-        id: checkout
-        uses: ./
-        with:
-          ref: test-data/v2/basic
-
-      # Verify output
-      - name: Verify output
-        run: |
-          echo "Commit: ${{ steps.checkout.outputs.commit }}"
-          echo "Ref: ${{ steps.checkout.outputs.ref }}"
-
-          if [ "${{ steps.checkout.outputs.ref }}" != "test-data/v2/basic" ]; then
-            echo "Expected ref to be test-data/v2/basic"
-            exit 1
-          fi
-
-          if [ "${{ steps.checkout.outputs.commit }}" != "82f71901cf8c021332310dcc8cdba84c4193ff5d" ]; then
-            echo "Expected commit to be 82f71901cf8c021332310dcc8cdba84c4193ff5d"
-            exit 1
-          fi
-
-      # needed to make checkout post cleanup succeed
-      - name: Fix Checkout
-        uses: actions/checkout@v4.1.6

.github/workflows/update-main-version.yml

@@ -19,16 +19,13 @@ jobs:
   tag:
     runs-on: ubuntu-latest
     steps:
-    # Note this update workflow can also be used as a rollback tool.
+    - uses: actions/checkout@v3
-    # For that reason, it's best to pin `actions/checkout` to a known, stable version
-    # (typically, about two releases back).
-    - uses: actions/checkout@v4.1.6
       with:
         fetch-depth: 0
     - name: Git config
       run: |
-        git config user.name "github-actions[bot]"
+        git config user.name github-actions
-        git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
+        git config user.email github-actions@github.com
     - name: Tag new target
       run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }}
     - name: Push new tag

.github/workflows/update-test-ubuntu-git.yml

@@ -1,59 +0,0 @@
-name: Publish test-ubuntu-git Container
-
-on:
-  # Use an on demand workflow trigger.  
-  # (Forked copies of actions/checkout won't have permission to update GHCR.io/actions, 
-  #  so avoid trigger events that run automatically.)
-  workflow_dispatch:
-    inputs:
-      publish:
-        description:  'Publish to ghcr.io? (main branch only)'
-        type: boolean
-        required: true
-        default: false
-
-env:
-  REGISTRY: ghcr.io
-  IMAGE_NAME: actions/test-ubuntu-git
-
-jobs:
-  build-and-push-image:
-    runs-on: ubuntu-latest
-    # Sets the permissions granted to the `GITHUB_TOKEN` for the actions in this job.
-    permissions:
-      contents: read
-      packages: write
- 
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      # Use `docker/login-action` to log in to GHCR.io. 
-      # Once published, the packages are scoped to the account defined here.
-      - name: Log in to the ghcr.io container registry
-        uses: docker/login-action@v3.3.0
-        with:
-          registry: ${{ env.REGISTRY }}
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Format Timestamp
-        id: timestamp
-        # Use `date` with a custom format to achieve the key=value format GITHUB_OUTPUT expects.
-        run: date -u "+now=%Y%m%d.%H%M%S.%3NZ" >> "$GITHUB_OUTPUT"
-
-      - name: Issue Image Publish Warning
-        if:  ${{ inputs.publish && github.ref_name != 'main' }}
-        run: echo "::warning::test-ubuntu-git images can only be published from the actions/checkout 'main' branch.  Workflow will continue with push/publish disabled."
-
-      # Use `docker/build-push-action` to build (and optionally publish) the image. 
-      - name: Build Docker Image (with optional Push)
-        uses: docker/build-push-action@v6.10.0
-        with:
-          context: .
-          file: images/test-ubuntu-git.Dockerfile
-          # For now, attempts to push to ghcr.io must target the `main` branch.
-          # In the future, consider also allowing attempts from `releases/*` branches.
-          push: ${{ inputs.publish && github.ref_name == 'main' }}
-          tags: |
-            ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ github.ref_name }}.${{ steps.timestamp.outputs.now }}

.licenses/npm/@actions/github.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@actions/github"
-version: 6.0.0
+version: 6.0.1
 type: npm
 summary: Actions github lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/github

.licenses/npm/@actions/http-client-2.1.0.dep.yml

@@ -1,10 +1,10 @@
 ---
 name: "@actions/http-client"
-version: 2.2.1
+version: 2.1.0
 type: npm
 summary: Actions Http Client
 homepage: https://github.com/actions/toolkit/tree/main/packages/http-client
-license: mit
+license: other
 licenses:
 - sources: LICENSE
   text: |

.licenses/npm/@actions/http-client-3.0.2.dep.yml

@@ -0,0 +1,32 @@
+---
+name: "@actions/http-client"
+version: 3.0.2
+type: npm
+summary: Actions Http Client
+homepage: https://github.com/actions/toolkit/tree/main/packages/http-client
+license: other
+licenses:
+- sources: LICENSE
+  text: |
+    Actions Http Client for Node.js
+
+    Copyright (c) GitHub, Inc.
+
+    All rights reserved.
+
+    MIT License
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy of this software and
+    associated documentation files (the "Software"), to deal in the Software without restriction,
+    including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense,
+    and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so,
+    subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED *AS IS*, WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT
+    LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
+    NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
+    WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+    SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+notices: []

.licenses/npm/@fastify/busboy.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@fastify/busboy"
-version: 2.1.1
+version: 2.0.0
 type: npm
 summary: A streaming parser for HTML form data for node.js
 homepage: 

.licenses/npm/@octokit/auth-token.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/auth-token"
-version: 4.0.0
+version: 3.0.4
 type: npm
 summary: GitHub API token authentication for browsers and Node.js
 homepage: 

.licenses/npm/@octokit/core.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/core"
-version: 5.2.0
+version: 4.2.4
 type: npm
 summary: Extendable client for GitHub's REST & GraphQL APIs
 homepage: 

.licenses/npm/@octokit/endpoint.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/endpoint"
-version: 9.0.5
+version: 7.0.6
 type: npm
 summary: Turns REST API endpoints into generic request options
 homepage: 

.licenses/npm/@octokit/graphql.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/graphql"
-version: 7.1.0
+version: 5.0.6
 type: npm
 summary: GitHub GraphQL API client for browsers and Node
 homepage: 

.licenses/npm/@octokit/openapi-types.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/openapi-types"
-version: 20.0.0
+version: 18.1.1
 type: npm
 summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
 homepage: 

.licenses/npm/@octokit/plugin-paginate-rest.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/plugin-paginate-rest"
-version: 9.2.1
+version: 6.1.2
 type: npm
 summary: Octokit plugin to paginate REST API endpoint responses
 homepage: 

.licenses/npm/@octokit/plugin-rest-endpoint-methods.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/plugin-rest-endpoint-methods"
-version: 10.4.1
+version: 7.2.3
 type: npm
 summary: Octokit plugin adding one method for all of api.github.com REST API endpoints
 homepage: 

.licenses/npm/@octokit/request-error.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/request-error"
-version: 5.1.0
+version: 3.0.3
 type: npm
 summary: Error class for Octokit request errors
 homepage: 

.licenses/npm/@octokit/request.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/request"
-version: 8.4.0
+version: 6.2.8
 type: npm
 summary: Send parameterized requests to GitHub's APIs with sensible defaults in browsers
   and Node

.licenses/npm/@octokit/tsconfig.dep.yml

@@ -1,18 +1,18 @@
 ---
-name: "@octokit/openapi-types"
+name: "@octokit/tsconfig"
-version: 22.1.0
+version: 1.0.2
 type: npm
-summary: Generated TypeScript definitions based on GitHub's OpenAPI spec for api.github.com
+summary: TypeScript configuration for Octokit packages
 homepage: 
 license: mit
 licenses:
 - sources: LICENSE
-  text: |-
+  text: |
-    Copyright 2020 Gregor Martynus
+    MIT License Copyright (c) 2020 Octokit contributors
 
     Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
 
-    The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+    The above copyright notice and this permission notice (including the next paragraph) shall be included in all copies or substantial portions of the Software.
 
     THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
 - sources: README.md

.licenses/npm/@octokit/types-10.0.0.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/types"
-version: 12.6.0
+version: 10.0.0
 type: npm
 summary: Shared TypeScript definitions for Octokit projects
 homepage: 

.licenses/npm/@octokit/types-9.3.2.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: "@octokit/types"
-version: 13.4.1
+version: 9.3.2
 type: npm
 summary: Shared TypeScript definitions for Octokit projects
 homepage: 

.licenses/npm/is-plain-object.dep.yml

@@ -0,0 +1,40 @@
+---
+name: is-plain-object
+version: 5.0.0
+type: npm
+summary: Returns true if an object was created by the `Object` constructor, or Object.create(null).
+homepage: https://github.com/jonschlinkert/is-plain-object
+license: mit
+licenses:
+- sources: LICENSE
+  text: |
+    The MIT License (MIT)
+
+    Copyright (c) 2014-2017, Jon Schlinkert.
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in
+    all copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+    THE SOFTWARE.
+- sources: README.md
+  text: |-
+    Copyright © 2019, [Jon Schlinkert](https://github.com/jonschlinkert).
+    Released under the [MIT License](LICENSE).
+
+    ***
+
+    _This file was generated by [verb-generate-readme](https://github.com/verbose/verb-generate-readme), v0.8.0, on April 28, 2019._
+notices: []

.licenses/npm/node-fetch.dep.yml

@@ -0,0 +1,56 @@
+---
+name: node-fetch
+version: 2.7.0
+type: npm
+summary: A light-weight module that brings window.fetch to node.js
+homepage: https://github.com/bitinn/node-fetch
+license: mit
+licenses:
+- sources: LICENSE.md
+  text: |+
+    The MIT License (MIT)
+
+    Copyright (c) 2016 David Frank
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+
+- sources: README.md
+  text: |-
+    MIT
+
+    [npm-image]: https://flat.badgen.net/npm/v/node-fetch
+    [npm-url]: https://www.npmjs.com/package/node-fetch
+    [travis-image]: https://flat.badgen.net/travis/bitinn/node-fetch
+    [travis-url]: https://travis-ci.org/bitinn/node-fetch
+    [codecov-image]: https://flat.badgen.net/codecov/c/github/bitinn/node-fetch/master
+    [codecov-url]: https://codecov.io/gh/bitinn/node-fetch
+    [install-size-image]: https://flat.badgen.net/packagephobia/install/node-fetch
+    [install-size-url]: https://packagephobia.now.sh/result?p=node-fetch
+    [discord-image]: https://img.shields.io/discord/619915844268326952?color=%237289DA&label=Discord&style=flat-square
+    [discord-url]: https://discord.gg/Zxbndcm
+    [opencollective-image]: https://opencollective.com/node-fetch/backers.svg
+    [opencollective-url]: https://opencollective.com/node-fetch
+    [whatwg-fetch]: https://fetch.spec.whatwg.org/
+    [response-init]: https://fetch.spec.whatwg.org/#responseinit
+    [node-readable]: https://nodejs.org/api/stream.html#stream_readable_streams
+    [mdn-headers]: https://developer.mozilla.org/en-US/docs/Web/API/Headers
+    [LIMITS.md]: https://github.com/bitinn/node-fetch/blob/master/LIMITS.md
+    [ERROR-HANDLING.md]: https://github.com/bitinn/node-fetch/blob/master/ERROR-HANDLING.md
+    [UPGRADE-GUIDE.md]: https://github.com/bitinn/node-fetch/blob/master/UPGRADE-GUIDE.md
+notices: []

.licenses/npm/semver.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: semver
-version: 6.3.1
+version: 6.3.0
 type: npm
 summary: The semantic version parser used by npm.
 homepage: 

.licenses/npm/tr46.dep.yml

@@ -0,0 +1,30 @@
+---
+name: tr46
+version: 0.0.3
+type: npm
+summary: An implementation of the Unicode TR46 spec
+homepage: https://github.com/Sebmaster/tr46.js#readme
+license: mit
+licenses:
+- sources: Auto-generated MIT license text
+  text: |
+    MIT License
+
+    Permission is hereby granted, free of charge, to any person obtaining a copy
+    of this software and associated documentation files (the "Software"), to deal
+    in the Software without restriction, including without limitation the rights
+    to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+    copies of the Software, and to permit persons to whom the Software is
+    furnished to do so, subject to the following conditions:
+
+    The above copyright notice and this permission notice shall be included in all
+    copies or substantial portions of the Software.
+
+    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+    IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+    AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+    LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+    OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+    SOFTWARE.
+notices: []

.licenses/npm/undici.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: undici
-version: 5.28.4
+version: 5.25.4
 type: npm
 summary: An HTTP/1.1 client, written from scratch for Node.js
 homepage: https://undici.nodejs.org

.licenses/npm/universal-user-agent.dep.yml

@@ -1,6 +1,6 @@
 ---
 name: universal-user-agent
-version: 6.0.1
+version: 6.0.0
 type: npm
 summary: Get a user agent string in both browser and node
 homepage: