actions
v5 DeprecationWarning: `url.parse()` behavior is not standardized
Description: Somewhat similarly to #1364, this action reports a deprecation warning after upgrade to v5:
(node:1679) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
I checked the last run we had with a cache hit (from August 12) under v4, and it did not print this warning.
Action version:
v5 tag, which as of the run (a few minutes ago) resolves to commit a0853c24544627f65ddf259abe73b1d18a591444
Platform:
- [x] Ubuntu
- [ ] macOS
- [ ] Windows
Runner type:
- [x] Hosted
- [ ] Self-hosted
Tools version:
- node: v20.19.5
- npm: 10.8.2
- yarn: 1.22.22
Repro steps:
Run actions/setup-node@v5
with:
node-version: 20
cache: npm
always-auth: false
check-latest: false
token: ***
package-manager-cache: true
env:
TARGET_DOMAIN: ***
Expected behavior: Action quietly restores cache.
Actual behavior: Action prints a deprecation warning (and then restores cache).
Log snippet:
Relevant runner log lines
Environment details
node: v20.19.5
npm: 10.8.2
yarn: 1.22.22
/opt/hostedtoolcache/node/20.19.5/x64/bin/npm config get cache
/home/runner/.npm
Cache hit for: node-cache-Linux-x64-npm-<snipped_hash>
(node:1679) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
