fix(deps): update @octokit/core to 6.1.4

[MikeMcC399]

Situation

Dependabot reports:

• CVE-2025-25289 for @octokit/request-errror versions >= 1.0.0, < 5.1.1 needing patched version 5.1.1 and versions >= 6.0.0, < 6.1.7 needing patched version 6.1.7
• CVE-2025-25290 for @octokit/request versions >= 1.0.0, < 9.2.1 needing patched version 9.2.1

Assessment

These are the current dependency hierarchies:

$ npm ls @octokit/request-error
@cypress/[email protected]
└─┬ @octokit/[email protected]
  ├── @octokit/[email protected]
  └─┬ @octokit/[email protected]
    └── @octokit/[email protected] deduped

$ npm ls @octokit/request
@cypress/[email protected]
└─┬ @octokit/[email protected]
  ├─┬ @octokit/[email protected]
  │ └── @octokit/[email protected] deduped
  └── @octokit/[email protected]

As potential mitigation paths:

@octokit/[email protected] uses vulnerable "@octokit/request-error": "^3.0.0"
@octokit/[email protected] uses vulnerable "@octokit/request": "^8.3.1"

leaving only:

@octokit/[email protected] that resolves the vulnerabilities and that is the lowest possible version

Other compatibility considerations:

@octokit/[email protected] migrated to be an ESM package

Loading ECMAScript modules using require() was added into Node.js v20.17.0

GitHub Actions node20 uses NODE20_VERSION="20.18.2" (see https://github.com/actions/runner/blob/main/src/Misc/externals.sh) and so supports require(ESM).

Change

@octokit/core is updated from @octokit/[email protected] to @octokit/[email protected]

This resolves the vulnerabilities reported by Dependabot.

[cypress-app-bot]

• Create a Draft Pull Request if your PR is not ready for review. Mark the PR as Ready for Review when you're ready for a Cypress team member to review the PR.

[github-actions]

🎉 This PR is included in version 6.7.12 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀