From 731607e879ce32a8a484864e383b98adb62b5128 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 23 Feb 2026 19:08:51 +0000
Subject: [PATCH] fix(deps): bump @actions/exec from 1.1.1 to 3.0.0

Bumps [@actions/exec](https://github.com/actions/toolkit/tree/HEAD/packages/exec) from 1.1.1 to 3.0.0.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/exec/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/exec)

---
updated-dependencies:
- dependency-name: "@actions/exec"
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 package-lock.json | 52 +++++++++++++++++++++++++++++++++++++++--------
 package.json      |  2 +-
 2 files changed, 44 insertions(+), 10 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index eb69c35..071a580 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,7 +10,7 @@
             "license": "MIT",
             "dependencies": {
                 "@actions/core": "1.10.0",
-                "@actions/exec": "1.1.1",
+                "@actions/exec": "3.0.0",
                 "@microsoft/security-devops-actions-toolkit": "1.11.0"
             },
             "devDependencies": {
@@ -36,10 +36,11 @@
             }
         },
         "node_modules/@actions/exec": {
-            "version": "1.1.1",
-            "license": "MIT",
+            "version": "3.0.0",
+            "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-3.0.0.tgz",
+            "integrity": "sha512-6xH/puSoNBXb72VPlZVm7vQ+svQpFyA96qdDBvhB8eNZOE8LtPf9L4oAsfzK/crCL8YZ+19fKYVnM63Sl+Xzlw==",
             "dependencies": {
-                "@actions/io": "^1.0.1"
+                "@actions/io": "^3.0.2"
             }
         },
         "node_modules/@actions/http-client": {
@@ -50,8 +51,9 @@
             }
         },
         "node_modules/@actions/io": {
-            "version": "1.0.2",
-            "license": "MIT"
+            "version": "3.0.2",
+            "resolved": "https://registry.npmjs.org/@actions/io/-/io-3.0.2.tgz",
+            "integrity": "sha512-nRBchcMM+QK1pdjO7/idu86rbJI5YHUKCvKs0KxnSYbVe3F51UfGxuZX4Qy/fWlp6l7gWFwIkrOzN+oUK03kfw=="
         },
         "node_modules/@isaacs/cliui": {
             "version": "8.0.2",
@@ -161,6 +163,19 @@
                 "decompress-response": "^8.1.0"
             }
         },
+        "node_modules/@microsoft/security-devops-actions-toolkit/node_modules/@actions/exec": {
+            "version": "1.1.1",
+            "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-1.1.1.tgz",
+            "integrity": "sha512-+sCcHHbVdk93a0XT19ECtO/gIXoxvdsgQLzb2fE2/5sIZmWQuluYyjPQtrtTHdU1YzTZ7bAPN4sITq2xi1679w==",
+            "dependencies": {
+                "@actions/io": "^1.0.1"
+            }
+        },
+        "node_modules/@microsoft/security-devops-actions-toolkit/node_modules/@actions/io": {
+            "version": "1.1.3",
+            "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz",
+            "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q=="
+        },
         "node_modules/@nodelib/fs.scandir": {
             "version": "2.1.5",
             "dev": true,
@@ -4226,9 +4241,11 @@
             }
         },
         "@actions/exec": {
-            "version": "1.1.1",
+            "version": "3.0.0",
+            "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-3.0.0.tgz",
+            "integrity": "sha512-6xH/puSoNBXb72VPlZVm7vQ+svQpFyA96qdDBvhB8eNZOE8LtPf9L4oAsfzK/crCL8YZ+19fKYVnM63Sl+Xzlw==",
             "requires": {
-                "@actions/io": "^1.0.1"
+                "@actions/io": "^3.0.2"
             }
         },
         "@actions/http-client": {
@@ -4238,7 +4255,9 @@
             }
         },
         "@actions/io": {
-            "version": "1.0.2"
+            "version": "3.0.2",
+            "resolved": "https://registry.npmjs.org/@actions/io/-/io-3.0.2.tgz",
+            "integrity": "sha512-nRBchcMM+QK1pdjO7/idu86rbJI5YHUKCvKs0KxnSYbVe3F51UfGxuZX4Qy/fWlp6l7gWFwIkrOzN+oUK03kfw=="
         },
         "@isaacs/cliui": {
             "version": "8.0.2",
@@ -4314,6 +4333,21 @@
                 "@actions/exec": "1.1.1",
                 "adm-zip": "0.5.10",
                 "decompress-response": "^8.1.0"
+            },
+            "dependencies": {
+                "@actions/exec": {
+                    "version": "1.1.1",
+                    "resolved": "https://registry.npmjs.org/@actions/exec/-/exec-1.1.1.tgz",
+                    "integrity": "sha512-+sCcHHbVdk93a0XT19ECtO/gIXoxvdsgQLzb2fE2/5sIZmWQuluYyjPQtrtTHdU1YzTZ7bAPN4sITq2xi1679w==",
+                    "requires": {
+                        "@actions/io": "^1.0.1"
+                    }
+                },
+                "@actions/io": {
+                    "version": "1.1.3",
+                    "resolved": "https://registry.npmjs.org/@actions/io/-/io-1.1.3.tgz",
+                    "integrity": "sha512-wi9JjgKLYS7U/z8PPbco+PvTb/nRWjeoFlJ1Qer83k/3C5PHQi28hiVdeE2kHXmIL99mQFawx8qt/JPjZilJ8Q=="
+                }
             }
         },
         "@nodelib/fs.scandir": {
diff --git a/package.json b/package.json
index 7f43ea2..9aad8a1 100644
--- a/package.json
+++ b/package.json
@@ -16,7 +16,7 @@
     "license": "MIT",
     "dependencies": {
         "@actions/core": "1.10.0",
-        "@actions/exec": "1.1.1",
+        "@actions/exec": "3.0.0",
         "@microsoft/security-devops-actions-toolkit": "1.11.0"
     },
     "devDependencies": {