Skip to content

Bump the octokit group with 3 updates #505

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Feb 17, 2025
Merged

Bump the octokit group with 3 updates #505

merged 1 commit into from
Feb 17, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 17, 2025

Bumps the octokit group with 3 updates: @octokit/auth-app, @octokit/core and @octokit/webhooks.

Updates @octokit/auth-app from 7.1.4 to 7.1.5

Release notes

Sourced from @​octokit/auth-app's releases.

v7.1.5

7.1.5 (2025-02-15)

Bug Fixes

  • deps: update octokit dependencies to mitigate ReDos vulnerability [security] (#678) (499d1f6)
Commits
  • 499d1f6 fix(deps): update octokit dependencies to mitigate ReDos vulnerability [secur...
  • d971a53 chore(deps): update dependency prettier to v3.5.1 (#673)
  • b68bbc3 chore(deps): update dependency esbuild to ^0.25.0 (#672)
  • 7e719d4 build(deps-dev): bump vitest, @​vitest/coverage-v8 and @​vitest/ui (#671)
  • 08dd3cf build(deps): lock file maintenance (#670)
  • 870cb26 build(deps-dev): bump vite from 5.4.11 to 5.4.14 (#669)
  • e64d718 build(deps): lock file maintenance (#668)
  • f20db49 build(deps): lock file maintenance (#666)
  • 7e34dce build(deps): lock file maintenance (#664)
  • See full diff in compare view

Updates @octokit/core from 6.1.3 to 6.1.4

Release notes

Sourced from @​octokit/core's releases.

v6.1.4

6.1.4 (2025-02-13)

Bug Fixes

  • deps: bump Octokit dependencies vulnerable to ReDos (#723) (582d8bd)
Commits
  • 582d8bd fix(deps): bump Octokit dependencies vulnerable to ReDos (#723)
  • 4c21074 chore(deps): update dependency esbuild to ^0.25.0 (#721)
  • 5fa1fe1 chore(deps-dev): bump vitest and @​vitest/coverage-v8 (#720)
  • c064e48 chore(deps-dev): bump vite from 5.4.6 to 6.0.11 (#719)
  • 21587d7 chore(deps): update dependency undici to v6.21.1 [security] (#718)
  • 4e6e8e7 chore(deps): update vitest monorepo to v3 (major) (#716)
  • See full diff in compare view

Updates @octokit/webhooks from 13.6.0 to 13.6.1

Release notes

Sourced from @​octokit/webhooks's releases.

v13.6.1

13.6.1 (2025-02-14)

Bug Fixes

  • deps: update dependency @​octokit/request-error to v6.1.7 [security] (#1109) (4073065)
Commits
  • 4073065 fix(deps): update dependency @​octokit/request-error to v6.1.7 [security] (#1109)
  • 2c12808 chore(deps): update dependency prettier to v3.5.1 (#1108)
  • dfd73d7 build(deps): lock file maintenance (#1107)
  • 42bdde3 chore(deps): update dependency esbuild to ^0.25.0 (#1105)
  • f844143 chore(deps): update dependency prettier to v3.5.0 (#1106)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the octokit group with 3 updates
e3bdbd0 
Bumps the octokit group with 3 updates: [@octokit/auth-app](https://github.com/octokit/auth-app.js), [@octokit/core](https://github.com/octokit/core.js) and [@octokit/webhooks](https://github.com/octokit/webhooks.js).


Updates `@octokit/auth-app` from 7.1.4 to 7.1.5
- [Release notes](https://github.com/octokit/auth-app.js/releases)
- [Commits](octokit/auth-app.js@v7.1.4...v7.1.5)

Updates `@octokit/core` from 6.1.3 to 6.1.4
- [Release notes](https://github.com/octokit/core.js/releases)
- [Commits](octokit/core.js@v6.1.3...v6.1.4)

Updates `@octokit/webhooks` from 13.6.0 to 13.6.1
- [Release notes](https://github.com/octokit/webhooks.js/releases)
- [Commits](octokit/webhooks.js@v13.6.0...v13.6.1)

---
updated-dependencies:
- dependency-name: "@octokit/auth-app"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: octokit
- dependency-name: "@octokit/core"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: octokit
- dependency-name: "@octokit/webhooks"
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: octokit
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from ulrikandersen as a code owner February 17, 2025 07:14
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 17, 2025
@dependabot dependabot bot requested a review from simonbs as a code owner February 17, 2025 07:14
@simonbs simonbs merged commit 68e6085 into develop Feb 17, 2025
6 checks passed
@simonbs simonbs deleted the dependabot/npm_and_yarn/octokit-b8585eaddb branch February 17, 2025 08:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simonbs simonbs simonbs approved these changes

@ulrikandersen ulrikandersen Awaiting requested review from ulrikandersen ulrikandersen is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@simonbs