From 7eb7ab41e74434eb8d578f60e295df06e5775e73 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 8 Dec 2025 04:08:27 +0000
Subject: [PATCH 1/2] chore(deps): bump axios in the npm-production group

Bumps the npm-production group with 1 update: [axios](https://github.com/axios/axios).


Updates `axios` from 1.13.1 to 1.13.2
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.13.1...v1.13.2)

---
updated-dependencies:
- dependency-name: axios
  dependency-version: 1.13.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm-production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 8 ++++----
 package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index 2a9ab5a..22383fd 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -11,7 +11,7 @@
       "dependencies": {
         "@actions/core": "^1.11.1",
         "@actions/github": "^6.0.1",
-        "axios": "^1.13.1"
+        "axios": "^1.13.2"
       },
       "devDependencies": {
         "@babel/core": "^7.28.5",
@@ -4036,9 +4036,9 @@
       }
     },
     "node_modules/axios": {
-      "version": "1.13.1",
-      "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.1.tgz",
-      "integrity": "sha512-hU4EGxxt+j7TQijx1oYdAjw4xuIp1wRQSsbMFwSthCWeBQur1eF+qJ5iQ5sN3Tw8YRzQNKb8jszgBdMDVqwJcw==",
+      "version": "1.13.2",
+      "resolved": "https://registry.npmjs.org/axios/-/axios-1.13.2.tgz",
+      "integrity": "sha512-VPk9ebNqPcy5lRGuSlKx752IlDatOjT9paPlm8A7yOuW2Fbvp4X3JznJtT4f0GzGLLiWE9W8onz51SqLYwzGaA==",
       "license": "MIT",
       "dependencies": {
         "follow-redirects": "^1.15.6",
diff --git a/package.json b/package.json
index 1149e17..9868d0e 100644
--- a/package.json
+++ b/package.json
@@ -26,7 +26,7 @@
   "dependencies": {
     "@actions/core": "^1.11.1",
     "@actions/github": "^6.0.1",
-    "axios": "^1.13.1"
+    "axios": "^1.13.2"
   },
   "devDependencies": {
     "@babel/core": "^7.28.5",

From ce33e9d542972eade28dca66256ee6b0ac90155a Mon Sep 17 00:00:00 2001
From: "github-actions[bot]" <github-actions[bot]@users.noreply.github.com>
Date: Mon, 8 Dec 2025 04:09:14 +0000
Subject: [PATCH 2/2] chore: automatic build changes

---
 dist/index.js | 45 +++++++++++++++++++++++++--------------------
 1 file changed, 25 insertions(+), 20 deletions(-)

diff --git a/dist/index.js b/dist/index.js
index 8677ea1..8c19fe9 100644
--- a/dist/index.js
+++ b/dist/index.js
@@ -36589,16 +36589,16 @@ module.exports = parseParams
 /***/ ((module, __unused_webpack_exports, __nccwpck_require__) => {
 
 "use strict";
-/*! Axios v1.13.1 Copyright (c) 2025 Matt Zabriskie and contributors */
+/*! Axios v1.13.2 Copyright (c) 2025 Matt Zabriskie and contributors */
 
 
 const FormData$1 = __nccwpck_require__(6454);
 const crypto = __nccwpck_require__(6982);
 const url = __nccwpck_require__(7016);
-const http2 = __nccwpck_require__(5675);
 const proxyFromEnv = __nccwpck_require__(7777);
 const http = __nccwpck_require__(8611);
 const https = __nccwpck_require__(5692);
+const http2 = __nccwpck_require__(5675);
 const util = __nccwpck_require__(9023);
 const followRedirects = __nccwpck_require__(1573);
 const zlib = __nccwpck_require__(3106);
@@ -36613,6 +36613,7 @@ const url__default = /*#__PURE__*/_interopDefaultLegacy(url);
 const proxyFromEnv__default = /*#__PURE__*/_interopDefaultLegacy(proxyFromEnv);
 const http__default = /*#__PURE__*/_interopDefaultLegacy(http);
 const https__default = /*#__PURE__*/_interopDefaultLegacy(https);
+const http2__default = /*#__PURE__*/_interopDefaultLegacy(http2);
 const util__default = /*#__PURE__*/_interopDefaultLegacy(util);
 const followRedirects__default = /*#__PURE__*/_interopDefaultLegacy(followRedirects);
 const zlib__default = /*#__PURE__*/_interopDefaultLegacy(zlib);
@@ -38749,7 +38750,7 @@ function buildFullPath(baseURL, requestedURL, allowAbsoluteUrls) {
   return requestedURL;
 }
 
-const VERSION = "1.13.1";
+const VERSION = "1.13.2";
 
 function parseProtocol(url) {
   const match = /^([-+\w]{1,25})(:?\/\/|:)/.exec(url);
@@ -39326,13 +39327,6 @@ const brotliOptions = {
   finishFlush: zlib__default["default"].constants.BROTLI_OPERATION_FLUSH
 };
 
-const {
-  HTTP2_HEADER_SCHEME,
-  HTTP2_HEADER_METHOD,
-  HTTP2_HEADER_PATH,
-  HTTP2_HEADER_STATUS
-} = http2.constants;
-
 const isBrotliSupported = utils$1.isFunction(zlib__default["default"].createBrotliDecompress);
 
 const {http: httpFollow, https: httpsFollow} = followRedirects__default["default"];
@@ -39362,9 +39356,9 @@ class Http2Sessions {
       sessionTimeout: 1000
     }, options);
 
-    let authoritySessions;
+    let authoritySessions = this.sessions[authority];
 
-    if ((authoritySessions = this.sessions[authority])) {
+    if (authoritySessions) {
       let len = authoritySessions.length;
 
       for (let i = 0; i < len; i++) {
@@ -39375,7 +39369,7 @@ class Http2Sessions {
       }
     }
 
-    const session = http2.connect(authority, options);
+    const session = http2__default["default"].connect(authority, options);
 
     let removed;
 
@@ -39390,11 +39384,12 @@ class Http2Sessions {
 
       while (i--) {
         if (entries[i][0] === session) {
-          entries.splice(i, 1);
           if (len === 1) {
             delete this.sessions[authority];
-            return;
+          } else {
+            entries.splice(i, 1);
           }
+          return;
         }
       }
     };
@@ -39433,12 +39428,12 @@ class Http2Sessions {
 
     session.once('close', removeSession);
 
-    let entries = this.sessions[authority], entry = [
-      session,
-      options
-    ];
+    let entry = [
+        session,
+        options
+      ];
 
-    entries ? this.sessions[authority].push(entry) : authoritySessions =  this.sessions[authority] = [entry];
+    authoritySessions ? authoritySessions.push(entry) : authoritySessions =  this.sessions[authority] = [entry];
 
     return session;
   }
@@ -39566,6 +39561,13 @@ const http2Transport = {
 
       const session = http2Sessions.getSession(authority, http2Options);
 
+      const {
+        HTTP2_HEADER_SCHEME,
+        HTTP2_HEADER_METHOD,
+        HTTP2_HEADER_PATH,
+        HTTP2_HEADER_STATUS
+      } = http2__default["default"].constants;
+
       const http2Headers = {
         [HTTP2_HEADER_SCHEME]: options.protocol.replace(':', ''),
         [HTTP2_HEADER_METHOD]: options.method,
@@ -40145,6 +40147,9 @@ const httpAdapter = isHttpAdapterSupported && function httpAdapter(config) {
           req
         ));
       });
+    } else {
+      // explicitly reset the socket timeout value for a possible `keep-alive` request
+      req.setTimeout(0);
     }