Bump http-client version (actions#221) by pkrulec-cen57570 · Pull Request #222

Bump http-client version (actions#221) by pkrulec-cen57570 · Pull Request #222 · actions/setup-java

Hello @dmitry-shibanov and thank you for your feedback! I've checked the license for http-client, updated version and licensed status now exits successfully.

I've also run the npm update @actions/http-client command with npm 6.14.15 (Node v12.22.6), however, it looks like this version of npm downgrades the version of package-lock.json from v2 to v1, see the new commit's diff. Is this desirable?

$ npm update @actions/http-client                                                                                                                                                                                          
npm WARN read-shrinkwrap This version of npm is compatible with lockfileVersion@1, but package-lock.json was generated for lockfileVersion@2. I'll try to do my best with it!
npm WARN optional SKIPPING OPTIONAL DEPENDENCY: fsevents@2.3.2 (node_modules/fsevents):
npm WARN notsup SKIPPING OPTIONAL DEPENDENCY: Unsupported platform for fsevents@2.3.2: wanted {"os":"darwin","arch":"any"} (current: {"os":"linux","arch":"x64"})

+ @actions/http-client@1.0.11
added 587 packages from 465 contributors and audited 593 packages in 12.971s

24 packages are looking for funding
  run `npm fund` for details

found 280 moderate severity vulnerabilities
  run `npm audit fix` to fix them, or `npm audit` for details

Output of npm version 7.x looks much better.