Skip to content

feat(cli-tools): update cli/cli (v2.61.0 -> v2.62.0)#307

Merged
ppat merged 1 commit intomainfrom
renovate/clicli
Nov 22, 2024
Merged

feat(cli-tools): update cli/cli (v2.61.0 -> v2.62.0)#307
ppat merged 1 commit intomainfrom
renovate/clicli

Conversation

@ppat-self-hosted-renovate-bot
Copy link
Copy Markdown
Contributor

@ppat-self-hosted-renovate-bot ppat-self-hosted-renovate-bot Bot commented Nov 21, 2024

This PR contains the following updates:

Package Update Change
cli/cli minor 2.61.0 -> 2.62.0

Release Notes

cli/cli (cli/cli)

v2.62.0: GitHub CLI 2.62.0

Compare Source

What's Changed

Full Changelog: cli/cli@v2.61.0...v2.62.0

Security

  • A security vulnerability has been identified in GitHub CLI that could allow remote code execution (RCE) when users connect to a malicious Codespace SSH server and use the gh codespace ssh or gh codespace logs commands.

    For more information, see GHSA-p2h2-3vg9-4p87

GitHub CLI notifies users about latest extension upgrades

Similar to the notification of latest gh releases, the v2.62.0 version of GitHub CLI will notify users about latest extension upgrades when the extension is used:

$ gh ado2gh
...

A new release of ado2gh is available: 1.7.0 → 1.8.0
To upgrade, run: gh extension upgrade ado2gh --force
https://github.com/github/gh-ado2gh
Why does this matter?

This removes a common pain point of extension authors as they have had to reverse engineer and implement a similar mechanism within their extensions directly.

With this quality of life improvement, there are 2 big benefits:

  1. Extension authors will hopefully see increased adoption of newer releases while having lower bar to maintaining their extensions.
  2. GitHub CLI users will have greater awareness of new features, bug fixes, and security fixes to the extensions used.
What do you need to do?

Extension authors should review their extensions and consider removing any custom logic previously implemented to notify users of new releases.

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@ppat ppat merged commit 2b74e7b into main Nov 22, 2024
@ppat ppat deleted the renovate/clicli branch November 22, 2024 18:08
@ppat
Copy link
Copy Markdown
Owner

ppat commented Nov 26, 2024

🎉 This PR is included in version 1.12.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

@ppat ppat added the released label Nov 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

image:cli-tools pr-type:renovate released

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ppat