Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump @octokit/request, @actions/github, @octokit/core and lerna #6103

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

chore(deps): bump @octokit/request, @actions/github, @octokit/core and lerna #6103

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 18, 2025

Bumps @octokit/request to 9.2.2 and updates ancestor dependencies @octokit/request, @actions/github, @octokit/core and lerna. These dependencies need to be updated together.

Updates @octokit/request from 5.6.3 to 9.2.2

Release notes

Sourced from @​octokit/request's releases.

v9.2.2

9.2.2 (2025-02-14)

Bug Fixes

  • deps: update dependency @​octokit/request-error to v6.1.7 [security] (#740) (4b2f485)

v9.2.1

9.2.1 (2025-02-13)

Bug Fixes

  • mitigate ReDos vulnerabilities & lint (#738) (6bb29ba)

v9.2.0

9.2.0 (2025-01-16)

Features

  • correctly parse response bodies as JSON where the Content-Type is application/scim+json (#731) (00bf316)

v9.1.4

9.1.4 (2024-12-29)

Bug Fixes

  • deps: bump @octokit/types to fix deno compat (#730) (324ffef)

v9.1.3

9.1.3 (2024-07-14)

Bug Fixes

v9.1.2

9.1.2 (2024-07-13)

Bug Fixes

  • refactor: async await instead of Promise chain (#711) (611b275)

v9.1.1

9.1.1 (2024-04-15)

... (truncated)

Commits
  • 4b2f485 fix(deps): update dependency @​octokit/request-error to v6.1.7 [security] (#740)
  • 0320a42 chore(deps): update dependency prettier to v3.5.1 (#737)
  • 6bb29ba fix: mitigate ReDos vulnerabilities & lint (#738)
  • 34ff07e Merge commit from fork
  • a0e96b3 chore(deps): update dependency esbuild to ^0.25.0 (#736)
  • d27daa7 build(deps-dev): bump vitest and @​vitest/coverage-v8 (#735)
  • bc07c8a build(deps): bump vite from 5.4.6 to 6.0.11 (#734)
  • 4266a84 build(deps-dev): bump undici from 6.19.2 to 6.21.1 (#733)
  • c2d27a2 chore(deps): update vitest monorepo to v3 (major) (#732)
  • 00bf316 feat: correctly parse response bodies as JSON where the Content-Type is `appl...
  • Additional commits viewable in compare view

Updates @actions/github from 5.1.1 to 6.0.0

Changelog

Sourced from @​actions/github's changelog.

6.0.0

  • Support the latest Octokit in @​actions/github #1553
    • Drop support of NodeJS v14, v16
Commits

Updates @octokit/core from 4.2.4 to 6.1.4

Release notes

Sourced from @​octokit/core's releases.

v6.1.4

6.1.4 (2025-02-13)

Bug Fixes

  • deps: bump Octokit dependencies vulnerable to ReDos (#723) (582d8bd)

v6.1.3

6.1.3 (2025-01-03)

Bug Fixes

  • deps: bump Octokit dependencies to fix Deno compat (#715) (e2b21bb)

v6.1.2

6.1.2 (2024-04-09)

Bug Fixes

v6.1.1

6.1.1 (2024-04-03)

Bug Fixes

  • deps: update dependency @​octokit/types to v13 (ade2813)

v6.1.0

6.1.0 (2024-04-03)

Features

v6.0.1

6.0.1 (2024-02-26)

Bug Fixes

v6.0.0

6.0.0 (2024-02-25)

... (truncated)

Commits
  • 582d8bd fix(deps): bump Octokit dependencies vulnerable to ReDos (#723)
  • 4c21074 chore(deps): update dependency esbuild to ^0.25.0 (#721)
  • 5fa1fe1 chore(deps-dev): bump vitest and @​vitest/coverage-v8 (#720)
  • c064e48 chore(deps-dev): bump vite from 5.4.6 to 6.0.11 (#719)
  • 21587d7 chore(deps): update dependency undici to v6.21.1 [security] (#718)
  • 4e6e8e7 chore(deps): update vitest monorepo to v3 (major) (#716)
  • e2b21bb fix(deps): bump Octokit dependencies to fix Deno compat (#715)
  • 53c4aef chore(deps): remove unused dependency @​types/jest (#714)
  • 50c5386 chore(deps): update dependency prettier to v3.4.2 (#712)
  • 22bbb08 chore(deps): update dependency @​sinonjs/fake-timers to v14 (#713)
  • Additional commits viewable in compare view

Updates lerna from 5.5.4 to 8.1.9

Release notes

Sourced from lerna's releases.

v8.1.9

8.1.9 (2024-10-31)

Bug Fixes

Features

  • publish: support full file path for --summary-file (#4039) (cfd573a)

v8.1.8

8.1.8 (2024-08-05)

Bug Fixes

  • publish: upgrade @​npmcli/arborist to 7.5.4 (#4058) (89de0eb)
  • version: truncate release body based on maximum size allowed by VCS client (#4041) (3c2a3c9)

Features

  • publish: enable throttling when publishing modules (#4013) (fccca12)

v8.1.7

8.1.7 (2024-07-21)

Bug Fixes

v8.1.6

8.1.6 (2024-07-05)

Bug Fixes

v8.1.5

8.1.5 (2024-06-24)

... (truncated)

Changelog

Sourced from lerna's changelog.

8.1.9 (2024-10-31)

Bug Fixes

8.1.8 (2024-08-05)

Bug Fixes

  • publish: upgrade @​npmcli/arborist to 7.5.4 (#4058) (89de0eb)

8.1.7 (2024-07-21)

Bug Fixes

8.1.6 (2024-07-05)

Bug Fixes

8.1.5 (2024-06-24)

Bug Fixes

  • update npm utility dependencies and related packages (#4033) (bd1c2d8)

8.1.4 (2024-06-09)

Note: Version bump only for package lerna

8.1.3 (2024-05-13)

Bug Fixes

8.1.2 (2024-02-05)

Note: Version bump only for package lerna

8.1.1 (2024-02-05)

Note: Version bump only for package lerna

... (truncated)

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump @octokit/request, @actions/github, @octokit/core an…
23d9d76 
…d lerna

Bumps [@octokit/request](https://github.com/octokit/request.js) to 9.2.2 and updates ancestor dependencies [@octokit/request](https://github.com/octokit/request.js), [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github), [@octokit/core](https://github.com/octokit/core.js) and [lerna](https://github.com/lerna/lerna/tree/HEAD/packages/lerna). These dependencies need to be updated together.


Updates `@octokit/request` from 5.6.3 to 9.2.2
- [Release notes](https://github.com/octokit/request.js/releases)
- [Commits](octokit/request.js@v5.6.3...v9.2.2)

Updates `@actions/github` from 5.1.1 to 6.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

Updates `@octokit/core` from 4.2.4 to 6.1.4
- [Release notes](https://github.com/octokit/core.js/releases)
- [Commits](octokit/core.js@v4.2.4...v6.1.4)

Updates `lerna` from 5.5.4 to 8.1.9
- [Release notes](https://github.com/lerna/lerna/releases)
- [Changelog](https://github.com/lerna/lerna/blob/main/packages/lerna/CHANGELOG.md)
- [Commits](https://github.com/lerna/lerna/commits/v8.1.9/packages/lerna)

---
updated-dependencies:
- dependency-name: "@octokit/request"
  dependency-type: indirect
- dependency-name: "@actions/github"
  dependency-type: direct:production
- dependency-name: "@octokit/core"
  dependency-type: direct:development
- dependency-name: lerna
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner February 18, 2025 23:08
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 18, 2025
@dependabot dependabot bot requested a review from daphne-sfdc February 18, 2025 23:08
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@daphne-sfdc daphne-sfdc Awaiting requested review from daphne-sfdc daphne-sfdc is a code owner automatically assigned from forcedotcom/ide-experience

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants