Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update dependency probot to v12 [security] #62

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link

@renovate renovate bot commented Dec 16, 2023

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
probot (source) ^6.0.0 -> ^12.3.3 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2023-50728

Impact

Versions v9.26.0, v10.9.x), v11.1.x, v12.0.x all contained the code that would throw the error.

Specifically, during a pentest we encountered a bug in the octokit/webhooks library (a dependency of Probot, a framework for building Github Apps). The resulting request was found to cause an uncaught exception that ends the nodejs process.

The problem is caused by an issue with error handling in the @​octokit/webhooks library because the error can be undefined in some cases.

Credit goes to @​pb82 (for the early analysis) and @​rh-tguittet (for discovery).

Patches

Maintenance releases for the Error being thrown by the verify method in octokit/webhooks.js

Maintenance release for the reference for octokit/webhooks.js in app.js

Maintenance release for the reference for octokit/webhooks.js in octokit.js

Maintenance release for the reference for octokit/webhooks.js in Protobot

Workarounds

It is recommend that all users upgrade to the latest version of octokit/webhooks.js or use one of the updated back ported versions.


Release Notes

probot/probot (probot)

v12.3.3

Compare Source

Bug Fixes

v12.3.2

Compare Source

Bug Fixes

v12.3.1

Compare Source

Bug Fixes

v12.3.0

Compare Source

Features

v12.2.9

Compare Source

Bug Fixes

v12.2.8

Compare Source

Bug Fixes

v12.2.7

Compare Source

Bug Fixes

v12.2.6

Compare Source

Bug Fixes

v12.2.5

Compare Source

Bug Fixes

v12.2.4

Compare Source

Bug Fixes

v12.2.3

Compare Source

Bug Fixes
  • deps: bump eventsource from 1.1.0 to 2.0.2 (7fd06d6)

v12.2.2

Compare Source

Bug Fixes

v12.2.1

Compare Source

Bug Fixes

v12.2.0

Compare Source

Features
  • customize account name for manifest creation flow using GH_ORG environment variable (#​1606) (992b480)

v12.1.4

Compare Source

Bug Fixes

v12.1.3

Compare Source

Bug Fixes

v12.1.2

Compare Source

Bug Fixes
  • typescript: add types for context.{repo,issue,pullRequest} (#​1622) (638a3b2)

v12.1.1

Compare Source

Bug Fixes

v12.1.0

Compare Source

Features

v12.0.0

Compare Source

Features
BREAKING CHANGES
  • remove '*' event
  • app.webhooks.middleware has been removed in @octokit/webhooks v9
  • removes the webhookPath option on new Probot({}) for the webhooks middleware

Co-authored-by: wolfy1339 [email protected]

v11.4.1

Compare Source

Bug Fixes
  • support setting baseUrl on Octokit constructor instead of Probot constructor (#​1552) (453ddd2)

v11.4.0

Compare Source

Features

v11.3.2

Compare Source

Bug Fixes

v11.3.1

Compare Source

Bug Fixes
  • setup: do not enter setup mode if HOST environment variable is set (#​1538) (4d70d69)

v11.3.0

Compare Source

Features

v11.2.4

Compare Source

Bug Fixes

v11.2.3

Compare Source

Bug Fixes

v11.2.2

Compare Source

Bug Fixes
  • add workaround for "appId option is required" when in setup mode (#​1513) (e11b91e)

v11.2.1

Compare Source

Bug Fixes

v11.2.0

Compare Source

Features

v11.1.1

Compare Source

Bug Fixes

v11.1.0

Compare Source

Features
  • add onAny and onError methods from @octokit/webhooks (#​1480) (9a24f9d)

v11.0.6

Compare Source

Bug Fixes

v11.0.5

Compare Source

Bug Fixes
  • clarify error message in case of invalid app authentication (#​1465) thanks @​eXpire163 (5f1831b)

v11.0.4

Compare Source

Bug Fixes
  • TypeScript: fix description of context.pullRequest method (#​1461) (a5779ff)

v11.0.3

Compare Source

Bug Fixes

v11.0.2

Compare Source

Bug Fixes
  • typescript: remove options.webhookProxy from Probot constructor (#​1459) (01bb678)

v11.0.1

Compare Source

Bug Fixes

v11.0.0

Compare Source

BREAKING CHANGES

For a smooth upgrade, make sure to update to the latest Probot v10 version first (npm install probot@10), run your tests, and address all deprecation messages. Nearly all removed APIs have previously been deprecated.

  • deprecated context.octokit.* have been removed via @octokit/plugin-rest-endpoint-methods v4

  • probot.server property removed. Build your own server instead using import { Server } from "probot"

  • probot.load() is now asynchronous and no longer returns the instance

  • express-async-errors is no longer used.

  • Probot constructor parameter no longer supported in createNodeMiddleware(app, { Probot }). Pass a probot instance instead: createNodeMiddleware(app, { probot })

  • getOptions() has been removed. Use { probot: createProbot() } instead

  • probot.load(appFn) no longer accepts appFn to be a path string. Pass the actual function instead.

  • probot.setup() removed. Use the new Server class instead:

    const { Server, Probot } = require("probot")
    const server = new Server({
      // optional:
      host,
      port,
      webhookPath,
      webhookProxy,
      Probot: Probot.defaults({ id, privateKey, ... })
    })
    
    // load probot app function
    await server.load((app) => {})
    
    // start listening to requests
    await server.start()
    // stop server with: await server.stop()

    If you have more than one app function, combine them in a function instead

    const app1 = require("./app1")
    const app2 = require("./app2")
    
    module.exports = function app ({ probot, getRouter }) {
      await app1({ probot, getRouter })
      await app2({ probot, getRouter })
    }
  • probot.start() / probot.stop() removed. Use the new Server class instead:

    const { Server, Probot } = require("probot")
    const server = new Server({
      Probot: Probot.defaults({ id, privateKey, ... })
      // optional:
      host,
      port,
      webhookPath,
      webhookProxy,
    })
    
    // load probot app function
    await server.load((app) => {})
    
    // start listening to requests
    await server.start()
    // stop server with: await server.stop()
  • REDIS_URL is ignored when using Probot constructor. Use new Probot({ redisConfig: redis://... }) instead

  • Probot constructor no longer reads environment variables. Pass options instead, or import { createProbot } from "probot" instead

  • Probot.run() has been removed. Use import { run} from "probot" instead

  • context.github has been removed. Use context.octokit instead

  • context.event has been removed. Use context.name instead

  • app.route() has been removed. Use the getRouter() argument from the app function instead: (app, { getRouter }) => { ... }

  • app.router has been removed. Use getRouter() from the app function instead: (app, { getRouter }) => { ... }

  • probot.logger has been removed. Use probot.log instead

  • new Probot({ id }) has been removed. Use new Probot({ appId }) instead

  • new Probot({ cert }) has been removed. Use new Probot({ privateKey }) instead

  • probot.webhook has been removed. Use probot.webhooks instead

  • createProbot(options) no longer supports any keys besides overrides, defaults, or env

  • options.throttleOptions has been removed. Set options.Octokit to ProbotOctokit.defaults({ throttle }) instead

  • import { Application } from probot has been removed. Use import { Probot } from probot instead, the APIs are the same

v10.19.0

Compare Source

Features

v10.18.0

Compare Source

Features
Deprecations
  • probot.load() (3d4b363)
  • probot.start() / probot.stop() / probot.setup() (7a8f268)
  • Deprecates new Probot({ id }) (a94fdca)
Bug Fixes
  • `createProbot() without options (8c01e90)
  • load app function only once when using createNodeMiddleware (#​1432) (60b702b)
  • server: log error requests as [METHOD] /[PATH] [STATUS] - [NUM]ms, e.g POST / 500 - 123ms (9d767e1)

v10.17.3

Compare Source

Bug Fixes

v10.17.2

Compare Source

Bug Fixes

v10.17.1

Compare Source

Bug Fixes
  • set default log level correctly to "info" (49153b8)

v10.17.0

Compare Source

Features
  • import { run } from "probot". Deprecates Probot.run() (f35b58a)
  • new Probot({ baseUrl }). Deprecates GHE_HOST / GHE_PROTOCOL when using with the Probot constructor (7abbef7)
  • new Probot({ logLevel }). Deprecates LOG_LEVEL when using Probot constructor (7c46218)
  • deprecate INSTALLATION_TOKEN_TTL (dfc59fc)
  • deprecate LOG_FORMAT, LOG_LEVEL_IN_STRING, SENTRY_DSN environment variables when using Probot constructor. Pass a custom log instance instead: (514c764)
  • deprecate REDIS_URL environment variable when using with the Probot constructor. Use new Probot({ redisConfig: "redis://..." }) instead (1dbd999)

v10.16.0

Compare Source

Features

v10.15.0

Compare Source

Features

v10.14.1

Compare Source

Bug Fixes

v10.14.0

Compare Source

Features
  • deprecate { Application } export. Use { Probot } instead, it has the same APIs now. (#​1408) (0e52e05)

v10.13.0

Compare Source

Features

v10.12.0

Compare Source

Features
  • getRouter argument for app function (({ app, getRouter }) => {}) (#​1406) (de3adc1)

v10.11.0

Compare Source

Features

v10.10.2

Compare Source

Bug Fixes
  • stop using .webhooks.on("*", handler) in favor of `.webhooks.onAny(handler) (ab6fcb1)

v10.10.1

Compare Source

Bug Fixes

v10.10.0

Compare Source

Features

v10.9.5

Compare Source

Bug Fixes
  • use webhooks.onError() instead of deprecated webhooks.on("error", ...) (#​1390) (a5b36b3)

v10.9.4

Compare Source

Bug Fixes
  • typescript: TypeScript issues TS2305,TS2707,TS7006 (41ee70c), closes #​1387

v10.9.3

Compare Source

Bug Fixes

v10.9.2

Compare Source

Bug Fixes

v10.9.1

Compare Source

Bug Fixes
  • do not overwrite options.throttle passed to {Octokit: ProbotOctokit.defaults(options)} (#​1373) (9483546)

v10.9.0

Compare Source

Features

v10.8.1

Compare Source

Bug Fixes
  • use @probot/octokit-plugin-config for context.config (#​1362) (a235671)

    If you mocked http requests for configuration files, you will have to adapt them. Instead of returning a JSON response with a { content } object, where content is a base64 encoded version of your raw configuration, you can now return the content without encoding directly. Example

    Before

    nock("https://api.github.com")
      .get("/repos/wip/app/contents/.github%2Fwip.yml")
      .reply(200, {
        content: Buffer.from("terms: 🚧").toString("base64"),
      });

    After

    nock("https://api.github.com")
      .get("/repos/wip/app/contents/.github%2Fwip.yml")
      .reply(200, "terms: 🚧");

v10.8.0

Compare Source

Features

v10.7.1

Compare Source

Bug Fixes

v10.7.0

Compare Source

Features
  • setup: support registration using an existing GitHub app (#​1345) (d907bbd)

v10.6.0

Compare Source

Features

v10.5.0

Compare Source

Features

v10.4.1

Compare Source

Bug Fixes

v10.4.0

Compare Source

Features

v10.3.0

Compare Source

Features

v10.2.0

Compare Source

Features
  • sentry: set user ID to installation.id and username to repository owner login (when present) (#​1337) (4cf7de9)

v10.1.5

Compare Source

Bug Fixes

v10.1.4

Compare Source

Bug Fixes
  • prevent double new lines when using LOG_FORMAT=json (86c1973)

v10.1.3

Compare Source

Bug Fixes
  • "Cannot find module ../lib/private-key" error when running probot receive (#​1332) (d671d82)

v10.1.2

Compare Source

Bug Fixes
  • trigger release to update docs on probot.github.com (4c88da9)

v10.1.1

Compare Source

v10 release notes

This is the first stable release for v10. See all breaking changes and new features at
https://github.com/probot/probot/releases/tag/v10.0.0

Bug Fixes
  • app.auth(installationId) returns octokit instance with all required installation authentication settings (#​1326) (410302f)

v10.1.0

Compare Source

Features

v10.0.1

Compare Source

Bug Fixes

v10.0.0

Compare Source

Breaking changes
  • @octokit/rest has been updated from v16 to v17. See release notes. Important: If you currently mocked context.github.* methods in your test, replace these with http mocks using nock instead, otherwise your tests will create methods that no longer exist and you will see errors in production although your tests passed. See https://github.com/wip/app/pull/238 for an example

  • URL parameters are now always encoded when using context.github.* methods. For example, if you use context.github.repos.getContent( owner, repo, path ) make sure to not encode the value for path. Also if you were mocking http requests in your tests, replace e.g. repos/octocat/hello-world/contents/.github/config.yml with repos/octocat/hello-world/contents/.github%2Fconfig.yml

  • require Node 10.21+

  • Logging: an object with extra information must be passed as first argument. Passing it as last argument is no longer supported.

    before

    context.log.info('something happened', {extra: 'info'})

    after

    context.log.info({extra: 'info'}, 'something happened')
  • The logging output changed. Before, probot used bunyan with all kind of hacks and customizations for its log output. Now we use pino. We still do the formatting and sending errors to Sentry in the same process, but the logic is now encapsulated in @probot/pino. We might decouple it in future as part of making Probot more suitable for serverless/function environments

  • context.issue() now returns .issue_number instead of .number. Use context.pullRequest() for octokit.pulls.* method calls.

  • registry_package event was renamed to package

  • The probot package no longer exports Octokit. Use ProbotOctokit instead.

    const { ProbotOctokit, ProbotOctokitCore } = require('probot')
  • Probot no longer accepts options.throttlingOptions. In order to disable throttling for testing, set options.Octokit to ProbotOctokit.defaults({ retry: { enabled: false }, throttle: { enabled: false } }):

    const { Probot, ProbotOctokit } = require('probot')
    
    const probot = new Probot({
      Octokit: ProbotOctokit.defaults({ retry: { enabled: false }, throttle: { enabled: false } })
    })
  • Undocumented & untested APIs removed

    • probot.errorHandler
    • probot.httpServer
    • app.log.target has been removed.
    • router option for Application contructor: new Application({ router })
Features

image

  • Significant lower memory usage
  • update to @octokit/rest to v17
  • update to @octokit/webhooks to v7
  • context.pullRequest()
  • probot.log (probot.logger is now deprecated)
  • probot.stop() (Replaces undocumented probot.httpServer)
  • replace bunyan with pino for logging
  • use a single Octokit instance with JWT auth
Bug Fixes
  • use JWT auth for marketplace endpoints

v9.15.1

Compare Source

Bug Fixes
  • revert bad v9.15.0 release (d3a8594)

v9.15.0

Compare Source

bad release, sorry

v9.14.2

Compare Source

Bug Fixes

v9.14.1

Compare Source

Bug Fixes

v9.14.0

Compare Source

Features

v9.13.2

Compare Source

Bug Fixes

v9.13.1

Compare Source

v9.13.0

Compare Source

Features

v9.12.0

Compare Source

Features
  • GET /probot/stats is deprecated and will be removed in v10 (#​1268) (1c31415)

v9.11.7

Compare Source

Bug Fixes

v9.11.6

Compare Source

Bug Fixes

v9.11.5

Compare Source

Bug Fixes

v9.11.4

Compare Source

Bug Fixes

v9.11.3

Compare Source

Bug Fixes

v9.11.2

Compare Source

Bug Fixes
  • github: Octokit is optional (6aeeabc)

v9.11.1

Compare Source

Bug Fixes

v9.11.0

Compare Source

Features

v9.10.2

Compare Source

Bug Fixes
  • package: update commander to version 5.0.0 (694f4fd)

v9.10.1

Compare Source

Bug Fixes
  • Revert "feat: mention that app must be activated after install (#​1155)" (45a21fc)

v9.10.0

Compare Source

Features

v9.9.8

Compare Source

Bug Fixes

v9.9.7

Compare Source

Bug Fixes

v9.9.6

Compare Source

Bug Fixes

v9.9.5

Compare Source

Bug Fixes
  • package: update cache-manager to version 3.0.0 (fbf6031)

v9.9.4

Compare Source

Bug Fixes
  • trigger release to publish latest version to npm (c5c8158)

v9.9.1

Compare Source

Bug Fixes

v9.9.0

Compare Source

Features
  • configure update-notifier (804f62b)

v9.8.1

Compare Source

Bug Fixes

v9.8.0

Compare Source

Bug Fixes
  • Limit webhook-event-check to known events in /app response (#​1092) (28a4d43)
Features
  • warn on passing in unknown commands (f368013)

v9.7.0

Compare Source

Features

v9.6.6

Compare Source

Bug Fixes
  • update bunyan-format and remove earlier type assertion patch ([61

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch 4 times, most recently from f268052 to 8d99104 Compare January 11, 2024 05:18
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch 2 times, most recently from 88941df to 5a5a025 Compare January 18, 2024 02:58
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 5a5a025 to b5ae208 Compare January 30, 2024 23:29
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Jan 30, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from b5ae208 to d5c3a4f Compare January 31, 2024 05:52
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Jan 31, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from d5c3a4f to 0ca18a8 Compare February 5, 2024 02:40
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Feb 5, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 0ca18a8 to af592ba Compare February 6, 2024 02:24
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Feb 6, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from af592ba to 7d80904 Compare February 26, 2024 05:25
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Feb 26, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 7d80904 to 42685cd Compare February 27, 2024 11:49
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Feb 27, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 42685cd to 41e3cf5 Compare March 1, 2024 23:13
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Mar 1, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 41e3cf5 to ad60ae4 Compare March 2, 2024 08:31
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Mar 2, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from ad60ae4 to acdc682 Compare March 13, 2024 20:52
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Mar 13, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from acdc682 to a1fcd85 Compare March 14, 2024 05:56
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Mar 14, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from a1fcd85 to 57a20b9 Compare March 21, 2024 23:52
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Mar 21, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 57a20b9 to 02faac0 Compare March 23, 2024 11:59
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Jul 15, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from ec303d2 to 9bd11c6 Compare July 23, 2024 23:27
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Jul 23, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 9bd11c6 to 53fd194 Compare July 25, 2024 05:36
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Jul 25, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 53fd194 to 166bc1a Compare July 29, 2024 05:24
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Jul 29, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 166bc1a to c5f78a6 Compare July 30, 2024 08:41
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Jul 30, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from c5f78a6 to 23d3741 Compare October 10, 2024 05:33
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Oct 10, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 23d3741 to 27b4156 Compare October 11, 2024 05:45
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Oct 11, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 27b4156 to 7681ed8 Compare October 30, 2024 05:56
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Oct 30, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 7681ed8 to e0b554b Compare October 31, 2024 05:53
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Oct 31, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from e0b554b to 1892955 Compare December 4, 2024 08:47
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Dec 4, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 1892955 to 123a657 Compare December 6, 2024 05:40
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Dec 6, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 123a657 to ccba820 Compare December 19, 2024 05:55
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Dec 19, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from ccba820 to d6061fd Compare December 21, 2024 20:33
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Dec 21, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from d6061fd to 84bb33e Compare December 24, 2024 08:58
@renovate renovate bot changed the title fix(deps): update dependency probot to v12 [security] fix(deps): update dependency probot to v13 [security] Dec 24, 2024
@renovate renovate bot force-pushed the renovate/npm-probot-vulnerability branch from 84bb33e to 5c4dc1a Compare December 25, 2024 08:29
@renovate renovate bot changed the title fix(deps): update dependency probot to v13 [security] fix(deps): update dependency probot to v12 [security] Dec 25, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants