fix: vulnerabilities (#6)

* Fix macos latest check failures (actions#1041)

* Update latest node versions

* Update latest node versions

* Update test data

* Update test data

* Update test data

* Update test data

* Update test data

* macos lts failure fix

* Update macos-13

* Bump braces from 3.0.2 to 3.0.3 (actions#1087)

* Bump braces from 3.0.2 to 3.0.3

Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump undici from 5.28.3 to 5.28.4

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarithaVattikuti <[email protected]>

* Documentation update in the README file (actions#1106)

* first commit on using setup node

* Delete .github/workflows/helloWorld.yml

* Create main.yml

* Rename main.yml to helloworld.yml

* goodbye world added

* name changed to goodbye

* updated README

---------

Co-authored-by: Suyash Gaonkar <[email protected]>

* Fix: windows arm64 setup (actions#1126)

* Add condition to ensure ZIP extraction targets only Windows ARM64 official archives

* Bumps micromatch from 4.0.5 to 4.0.8

* Create publish-immutable-action.yml

* Upgrade IA Publish

* Correct version string (actions#1124)

* Resolve High Security Alerts by upgrading Dependencies (actions#1132)

* db-alerts-fix

* npm run format

* db-alert-fix

* failure check fix

* check- filaure fix

* Revise `isGhes` logic (actions#1148)

* Revise `isGhes` logic

* ran 'npm run format'

* added unit test

* fix: add arch to cached path (actions#843)

* fix: add arch to cached path

* fix: change from using env to os module

* fix: use process.env.RUNNER_OS instead of os.platform()

* fix: remove unused var

* Add macos-13 to the workflows and upgrade publish-actions from 0.2.2 to 0.3.0 (actions#1174)

* Update versions.yml

* Update versions.yml

* ubuntu-24, macos-13 updates

* check -failure fix

* Update README.md (actions#1193)

* Create dependabot.yml (actions#1192)

* Use the new cache service: upgrade `@actions/cache` to `^4.0.0` (actions#1191)

* upgrade `@actions/cache` to `^4.0.0`

* Review licenses & update types

* updated package-lock.json

* Bump pnpm/action-setup from 2 to 4 (actions#1194)

Bumps [pnpm/action-setup](https://github.com/pnpm/action-setup) from 2 to 4.
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](pnpm/action-setup@v2...v4)

---
updated-dependencies:
- dependency-name: pnpm/action-setup
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (actions#1195)

Bumps [actions/publish-immutable-action](https://github.com/actions/publish-immutable-action) from 0.0.3 to 0.0.4.
- [Release notes](https://github.com/actions/publish-immutable-action/releases)
- [Commits](actions/publish-immutable-action@0.0.3...v0.0.4)

---
updated-dependencies:
- dependency-name: actions/publish-immutable-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump semver from 7.6.0 to 7.6.3 (actions#1196)

* Bump semver from 7.6.0 to 7.6.3

Bumps [semver](https://github.com/npm/node-semver) from 7.6.0 to 7.6.3.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.6.0...v7.6.3)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* fix for check-dist & license check failures

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <[email protected]>

* Bump @types/jest from 29.5.12 to 29.5.14 (actions#1201)

Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 29.5.12 to 29.5.14.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump undici from 5.28.4 to 5.28.5 (actions#1205)

* Bump undici from 5.28.4 to 5.28.5

Bumps [undici](https://github.com/nodejs/undici) from 5.28.4 to 5.28.5.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.28.4...v5.28.5)

---
updated-dependencies:
- dependency-name: undici
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>

* fix for check-dist and license failures

* npm run updates

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <[email protected]>

* Bump @actions/glob from 0.4.0 to 0.5.0 (actions#1200)

* Bump @actions/glob from 0.4.0 to 0.5.0

Bumps [@actions/glob](https://github.com/actions/toolkit/tree/HEAD/packages/glob) from 0.4.0 to 0.5.0.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/glob/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/glob)

---
updated-dependencies:
- dependency-name: "@actions/glob"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>

* fix for check-dist and license failures

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <[email protected]>

* actions/cache upgrade (actions#1251)

Co-authored-by: “gowridurgad” <“[email protected]>

* Bump @vercel/ncc from 0.38.1 to 0.38.3 (actions#1203)

* Bump @vercel/ncc from 0.38.1 to 0.38.3

Bumps [@vercel/ncc](https://github.com/vercel/ncc) from 0.38.1 to 0.38.3.
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](vercel/ncc@0.38.1...0.38.3)

---
updated-dependencies:
- dependency-name: "@vercel/ncc"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* fix for check failures

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <[email protected]>

* Bump @actions/tool-cache from 2.0.1 to 2.0.2 (actions#1220)

* Bump @actions/tool-cache from 2.0.1 to 2.0.2

Bumps [@actions/tool-cache](https://github.com/actions/toolkit/tree/HEAD/packages/tool-cache) from 2.0.1 to 2.0.2.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/tool-cache/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/tool-cache)

---
updated-dependencies:
- dependency-name: "@actions/tool-cache"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* check failures fix

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <[email protected]>

* Make eslint-compact matcher compatible with Stylelint (actions#98)

* Add support for indented eslint output (actions#1245)

* feat: support private mirrors (actions#1240)

* feat: support private mirrors

* chore: change fallback message with mirrors

* Bump @action/cache from 4.0.2 to 4.0.3 (actions#1262)

* Update versions.yml

* Update versions.yml

* actions/cache upgrade to 4.0.3

* events update

* npm audit fix revert

* npm adit fix revert

* Bump @octokit/request-error and @actions/github (actions#1227)

* Bump @octokit/request-error and @actions/github

Bumps [@octokit/request-error](https://github.com/octokit/request-error.js) to 5.1.1 and updates ancestor dependency [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github). These dependencies need to be updated together.


Updates `@octokit/request-error` from 2.1.0 to 5.1.1
- [Release notes](https://github.com/octokit/request-error.js/releases)
- [Commits](octokit/request-error.js@v2.1.0...v5.1.1)

Updates `@actions/github` from 5.1.1 to 6.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@octokit/request-error"
  dependency-type: indirect
- dependency-name: "@actions/github"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>

* Fix failures

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarithaVattikuti <[email protected]>

* Bump uuid from 9.0.1 to 11.1.0 (actions#1273)

* Bump uuid from 9.0.1 to 11.1.0

Bumps [uuid](https://github.com/uuidjs/uuid) from 9.0.1 to 11.1.0.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v9.0.1...v11.1.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 11.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Bump uuid from 9.0.1 to 11.1.0

Bumps [uuid](https://github.com/uuidjs/uuid) from 9.0.1 to 11.1.0.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v9.0.1...v11.1.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 11.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>

* Fix failures

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarithaVattikuti <[email protected]>

* fix: build

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: HarithaVattikuti <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: suyashgaonkar <[email protected]>
Co-authored-by: Suyash Gaonkar <[email protected]>
Co-authored-by: Priya Gupta <[email protected]>
Co-authored-by: Joel Ambass <[email protected]>
Co-authored-by: William Entriken <[email protected]>
Co-authored-by: aparnajyothi-y <[email protected]>
Co-authored-by: John Wesley Walker III <[email protected]>
Co-authored-by: Peng Xiao <[email protected]>
Co-authored-by: Ben Wells <[email protected]>
Co-authored-by: Aparna Jyothi <[email protected]>
Co-authored-by: gowridurgad <[email protected]>
Co-authored-by: “gowridurgad” <“[email protected]>
Co-authored-by: Flo Edelmann <[email protected]>
Co-authored-by: fregante <[email protected]>
Co-authored-by: Marco Ippolito <[email protected]>

Author: 17 people

.github/dependabot.yml

@@ -0,0 +1,22 @@
+# To get started with Dependabot version updates, you'll need to specify which
+# package ecosystems to update and where the package manifests are located.
+# Please see the documentation for all configuration options:
+# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file
+
+version: 2
+updates:
+  # Enable version updates for npm
+  - package-ecosystem: 'npm'
+    # Look for `package.json` and `lock` files in the `root` directory
+    directory: '/'
+    # Check the npm registry for updates every day (weekdays)
+    schedule:
+      interval: 'weekly'
+
+  # Enable version updates for GitHub Actions
+  - package-ecosystem: 'github-actions'
+    # Workflow files stored in the default location of `.github/workflows`
+    # You don't need to specify `/.github/workflows` for `directory`. You can use `directory: "/"`.
+    directory: '/'
+    schedule:
+      interval: 'weekly'

.github/eslint-compact.json

@@ -4,7 +4,7 @@
             "owner": "eslint-compact",
             "pattern": [
                 {
-                    "regexp": "^(.+):\\sline\\s(\\d+),\\scol\\s(\\d+),\\s(Error|Warning|Info)\\s-\\s(.+)\\s\\((.+)\\)$",
+                    "regexp": "^(.+):\\sline\\s(\\d+),\\scol\\s(\\d+),\\s([Ee]rror|[Ww]arning|[Ii]nfo)\\s-\\s(.+)\\s\\((.+)\\)$",
                     "file": 1,
                     "line": 2,
                     "column": 3,

.github/eslint-stylish.json

@@ -4,7 +4,7 @@
             "owner": "eslint-stylish",
             "pattern": [
                 {
-                    "regexp": "^([^\\s].*)$",
+                    "regexp": "^\\s*([^\\s].*)$",
                     "file": 1
                 },
                 {

.github/workflows/e2e-cache.yml

@@ -18,8 +18,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: [12, 14, 16]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [18, 20, 22]
     steps:
       - uses: actions/checkout@v4
       - name: Clean global cache
@@ -41,12 +41,12 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: [12, 14, 16]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [18, 20, 22]
     steps:
       - uses: actions/checkout@v4
       - name: Install pnpm
-        uses: pnpm/action-setup@v2
+        uses: pnpm/action-setup@v4
         with:
           version: 6.10.0
       - name: Generate pnpm file
@@ -74,8 +74,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: [14, 16]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [18, 20]
     steps:
       - uses: actions/checkout@v4
       - name: Yarn version
@@ -106,8 +106,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: [12, 14, 16]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [18, 20, 22]
     steps:
       - uses: actions/checkout@v4
       - name: Update yarn
@@ -139,7 +139,7 @@ jobs:
     name: Test yarn subprojects
     strategy:
       matrix:
-        node-version: [12, 14, 16]
+        node-version: [18, 20, 22]
     runs-on: ubuntu-latest
 
     steps:
@@ -166,7 +166,7 @@ jobs:
     name: Test yarn subprojects all locally managed
     strategy:
       matrix:
-        node-version: [12, 14, 16]
+        node-version: [18, 20, 22]
     runs-on: ubuntu-latest
 
     steps:
@@ -193,7 +193,7 @@ jobs:
     name: Test yarn subprojects some locally managed
     strategy:
       matrix:
-        node-version: [12, 14, 16]
+        node-version: [18, 20, 22]
     runs-on: ubuntu-latest
 
     steps:
@@ -220,7 +220,7 @@ jobs:
     name: Test yarn subprojects managed by git
     strategy:
       matrix:
-        node-version: [12, 14, 16]
+        node-version: [18, 20, 22]
     runs-on: ubuntu-latest
 
     steps:

.github/workflows/publish-immutable-actions.yml

@@ -0,0 +1,20 @@
+name: 'Publish Immutable Action Version'
+
+on:
+  release:
+    types: [published]
+
+jobs:
+  publish:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      id-token: write
+      packages: write
+
+    steps:
+      - name: Checking out
+        uses: actions/checkout@v4
+      - name: Publish
+        id: publish
+        uses: actions/[email protected]

.github/workflows/release-new-action-version.yml

@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Update the ${{ env.TAG_NAME }} tag
-        uses: actions/publish-action@v0.2.2
+        uses: actions/publish-action@v0.3.0
         with:
           source-tag: ${{ env.TAG_NAME }}
           slack-webhook: ${{ secrets.SLACK_WEBHOOK }}

.github/workflows/versions.yml

@@ -17,8 +17,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: [10, 12, 14]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [18, 20, 22]
     steps:
       - uses: actions/checkout@v4
       - name: Setup Node
@@ -34,7 +34,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
+        os: [ubuntu-latest, windows-latest, macos-13]
         node-version: [lts/dubnium, lts/erbium, lts/fermium, lts/*, lts/-1]
     steps:
       - uses: actions/checkout@v4
@@ -43,7 +43,7 @@ jobs:
         with:
           node-version: ${{ matrix.node-version }}
           check-latest: true
-      - if: runner.os != 'Windows'
+      - if: runner.os != 'Windows' && runner.os != 'macOS'
         name: Verify node and npm
         run: |
           . "$NVM_DIR/nvm.sh"
@@ -56,7 +56,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
         node-version:
           [
             '20-v8-canary',
@@ -81,9 +81,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version:
-          [16.0.0-nightly20210420a0261d231c, 17-nightly, 18.0.0-nightly]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [20-nightly, 21-nightly, 18.0.0-nightly]
     steps:
       - uses: actions/checkout@v4
       - name: Setup Node
@@ -102,8 +101,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: [16.0.0-rc.1, 18.0.0-rc.2, 19.0.0-rc.0]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [20.0.0-rc.1, 18.0.0-rc.2, 19.0.0-rc.0]
     steps:
       - uses: actions/checkout@v4
       - name: Setup Node
@@ -122,8 +121,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: [10.15, 12.16.0, 14.2.0, 16.3.0]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [18.20.0, 20.10.0, 22.0.0]
     steps:
       - uses: actions/checkout@v4
       - name: Setup Node
@@ -139,8 +138,8 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: [10, 12, 14]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [18, 20, 22]
     steps:
       - uses: actions/checkout@v4
       - name: Setup Node and check latest
@@ -157,7 +156,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
         node-version-file:
           [.nvmrc, .tool-versions, .tool-versions-node, package.json]
     steps:
@@ -167,45 +166,45 @@ jobs:
         with:
           node-version-file: '__tests__/data/${{ matrix.node-version-file }}'
       - name: Verify node
-        run: __tests__/verify-node.sh 14
+        run: __tests__/verify-node.sh 20
 
   version-file-volta:
     runs-on: ${{ matrix.os }}
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
     steps:
       - uses: actions/checkout@v4
       - name: Setup node from node version file
         uses: ./
         with:
           node-version-file: '__tests__/data/package-volta.json'
       - name: Verify node
-        run: __tests__/verify-node.sh 16
+        run: __tests__/verify-node.sh 20
 
   version-file-volta-extends:
     runs-on: ${{ matrix.os }}
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
     steps:
       - uses: actions/checkout@v4
       - name: Setup node from node version file
         uses: ./
         with:
           node-version-file: '__tests__/data/package-volta-extends.json'
       - name: Verify node
-        run: __tests__/verify-node.sh 16
+        run: __tests__/verify-node.sh 20
 
   node-dist:
     runs-on: ${{ matrix.os }}
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
-        node-version: [11, 13]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
+        node-version: [17, 19]
     steps:
       - uses: actions/checkout@v4
       - name: Setup Node from dist
@@ -221,7 +220,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
+        os: [ubuntu-latest, windows-latest, macos-13]
     steps:
       - uses: actions/checkout@v4
       # test old versions which didn't have npm and layout different
@@ -237,10 +236,10 @@ jobs:
     runs-on: windows-latest
     steps:
       - uses: actions/checkout@v4
-      - name: Setup node 14 x86 from dist
+      - name: Setup node 20 x86 from dist
         uses: ./
         with:
-          node-version: '14'
+          node-version: '20'
           architecture: 'x86'
       - name: Verify node
         run: __tests__/verify-arch.sh "ia32"
@@ -251,7 +250,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, windows-latest, macos-latest]
+        os: [ubuntu-latest, windows-latest, macos-latest, macos-13]
         node-version: [current, latest, node]
     steps:
       - name: Get node version