Skip to content

Bump @octokit/request-error and @actions/github #1227

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Jun 18, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 14, 2025

Bumps @octokit/request-error to 5.1.1 and updates ancestor dependency @actions/github. These dependencies need to be updated together.

Updates @octokit/request-error from 2.1.0 to 5.1.1

Release notes

Sourced from @​octokit/request-error's releases.

v5.1.1

5.1.1 (2025-02-14)

Bug Fixes

v5.1.0

5.1.0 (2024-04-05)

Bug Fixes

  • upgrade @octokit/types to v13 (3af20bd)

Features

v5.0.1

5.0.1 (2023-09-23)

Bug Fixes

  • deps: update dependency @​octokit/types to v12 (#366) (590fc39)

v5.0.0

5.0.0 (2023-07-07)

Bug Fixes

  • deps: update dependency @​octokit/types to v11 (#348) (372097e)

BREAKING CHANGES

  • deps: upgrade @octokit/types to v11

v4.0.2

4.0.2 (2023-06-16)

Bug Fixes

  • deps: update dependency @​octokit/types to v10 (#343) (28b1958)

... (truncated)

Commits
  • b51ed27 test: ReDos regex vulnerability, reported by @​dayshift
  • 12a14f0 fix: ReDos regex vulnerability, reported by @​dayshift
  • 3af20bd fix: upgrade @octokit/types to v13
  • 94147e8 feat(security): Add provenance (#416)
  • 590fc39 fix(deps): update dependency @​octokit/types to v12 (#366)
  • 4b9c57e ci(action): update peter-evans/create-or-update-comment digest to 46da6c0
  • 710afc3 ci(action): update peter-evans/create-or-update-comment digest to 1f6c514
  • c82c8ce ci(action): update peter-evans/create-or-update-comment digest to 223779b
  • ec24ead ci(action): update peter-evans/create-or-update-comment digest to 46846e5 (#362)
  • 365f18d ci(action): update actions/checkout action to v4
  • Additional commits viewable in compare view

Updates @actions/github from 5.1.1 to 6.0.0

Changelog

Sourced from @​actions/github's changelog.

6.0.0

  • Support the latest Octokit in @​actions/github #1553
    • Drop support of NodeJS v14, v16
Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot requested a review from a team as a code owner February 14, 2025 23:52
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 14, 2025
@gowridurgad
Copy link
Contributor

@dependabot rebase

Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 12, 2025

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@gowridurgad
Copy link
Contributor

@dependabot recreate

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-939339bafa branch from 6e41730 to 7465f29 Compare March 12, 2025 07:11
@aparnajyothi-y
Copy link
Contributor

@dependabot recreate

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-939339bafa branch from 7465f29 to bbaa6e6 Compare March 12, 2025 09:47
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 12, 2025

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

priya-kinthali
priya-kinthali previously approved these changes Mar 12, 2025
@HarithaVattikuti
Copy link
Contributor

@dependabot recreate

Bumps [@octokit/request-error](https://github.com/octokit/request-error.js) to 5.1.1 and updates ancestor dependency [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github). These dependencies need to be updated together.


Updates `@octokit/request-error` from 2.1.0 to 5.1.1
- [Release notes](https://github.com/octokit/request-error.js/releases)
- [Commits](octokit/request-error.js@v2.1.0...v5.1.1)

Updates `@actions/github` from 5.1.1 to 6.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@octokit/request-error"
  dependency-type: indirect
- dependency-name: "@actions/github"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/multi-939339bafa branch from 05962ea to cfc4208 Compare June 10, 2025 20:39
@HarithaVattikuti HarithaVattikuti merged commit 08f58d1 into main Jun 18, 2025
200 checks passed
@HarithaVattikuti HarithaVattikuti deleted the dependabot/npm_and_yarn/multi-939339bafa branch June 18, 2025 22:00
mmatl added a commit to ambi-robotics/setup-node that referenced this pull request Jul 23, 2025
* Fix macos latest check failures (actions#1041)

* Update latest node versions

* Update latest node versions

* Update test data

* Update test data

* Update test data

* Update test data

* Update test data

* macos lts failure fix

* Update macos-13

* Bump braces from 3.0.2 to 3.0.3 (actions#1087)

* Bump braces from 3.0.2 to 3.0.3

Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3.
- [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md)
- [Commits](micromatch/braces@3.0.2...3.0.3)

---
updated-dependencies:
- dependency-name: braces
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump undici from 5.28.3 to 5.28.4

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>

* Documentation update in the README file (actions#1106)

* first commit on using setup node

* Delete .github/workflows/helloWorld.yml

* Create main.yml

* Rename main.yml to helloworld.yml

* goodbye world added

* name changed to goodbye

* updated README

---------

Co-authored-by: Suyash Gaonkar <39784472+suyashrg18@users.noreply.github.com>

* Fix: windows arm64 setup (actions#1126)

* Add condition to ensure ZIP extraction targets only Windows ARM64 official archives

* Bumps micromatch from 4.0.5 to 4.0.8

* Create publish-immutable-action.yml

* Upgrade IA Publish

* Correct version string (actions#1124)

* Resolve High Security Alerts by upgrading Dependencies (actions#1132)

* db-alerts-fix

* npm run format

* db-alert-fix

* failure check fix

* check- filaure fix

* Revise `isGhes` logic (actions#1148)

* Revise `isGhes` logic

* ran 'npm run format'

* added unit test

* fix: add arch to cached path (actions#843)

* fix: add arch to cached path

* fix: change from using env to os module

* fix: use process.env.RUNNER_OS instead of os.platform()

* fix: remove unused var

* Add macos-13 to the workflows and upgrade publish-actions from 0.2.2 to 0.3.0 (actions#1174)

* Update versions.yml

* Update versions.yml

* ubuntu-24, macos-13 updates

* check -failure fix

* Update README.md (actions#1193)

* Create dependabot.yml (actions#1192)

* Use the new cache service: upgrade `@actions/cache` to `^4.0.0` (actions#1191)

* upgrade `@actions/cache` to `^4.0.0`

* Review licenses & update types

* updated package-lock.json

* Bump pnpm/action-setup from 2 to 4 (actions#1194)

Bumps [pnpm/action-setup](https://github.com/pnpm/action-setup) from 2 to 4.
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](pnpm/action-setup@v2...v4)

---
updated-dependencies:
- dependency-name: pnpm/action-setup
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (actions#1195)

Bumps [actions/publish-immutable-action](https://github.com/actions/publish-immutable-action) from 0.0.3 to 0.0.4.
- [Release notes](https://github.com/actions/publish-immutable-action/releases)
- [Commits](actions/publish-immutable-action@0.0.3...v0.0.4)

---
updated-dependencies:
- dependency-name: actions/publish-immutable-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump semver from 7.6.0 to 7.6.3 (actions#1196)

* Bump semver from 7.6.0 to 7.6.3

Bumps [semver](https://github.com/npm/node-semver) from 7.6.0 to 7.6.3.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md)
- [Commits](npm/node-semver@v7.6.0...v7.6.3)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix for check-dist & license check failures

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>

* Bump @types/jest from 29.5.12 to 29.5.14 (actions#1201)

Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 29.5.12 to 29.5.14.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest)

---
updated-dependencies:
- dependency-name: "@types/jest"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump undici from 5.28.4 to 5.28.5 (actions#1205)

* Bump undici from 5.28.4 to 5.28.5

Bumps [undici](https://github.com/nodejs/undici) from 5.28.4 to 5.28.5.
- [Release notes](https://github.com/nodejs/undici/releases)
- [Commits](nodejs/undici@v5.28.4...v5.28.5)

---
updated-dependencies:
- dependency-name: undici
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix for check-dist and license failures

* npm run updates

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>

* Bump @actions/glob from 0.4.0 to 0.5.0 (actions#1200)

* Bump @actions/glob from 0.4.0 to 0.5.0

Bumps [@actions/glob](https://github.com/actions/toolkit/tree/HEAD/packages/glob) from 0.4.0 to 0.5.0.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/glob/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/glob)

---
updated-dependencies:
- dependency-name: "@actions/glob"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix for check-dist and license failures

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>

* actions/cache upgrade (actions#1251)

Co-authored-by: “gowridurgad” <“hgowridurgad@github.com>

* Bump @vercel/ncc from 0.38.1 to 0.38.3 (actions#1203)

* Bump @vercel/ncc from 0.38.1 to 0.38.3

Bumps [@vercel/ncc](https://github.com/vercel/ncc) from 0.38.1 to 0.38.3.
- [Release notes](https://github.com/vercel/ncc/releases)
- [Commits](vercel/ncc@0.38.1...0.38.3)

---
updated-dependencies:
- dependency-name: "@vercel/ncc"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* fix for check failures

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>

* Bump @actions/tool-cache from 2.0.1 to 2.0.2 (actions#1220)

* Bump @actions/tool-cache from 2.0.1 to 2.0.2

Bumps [@actions/tool-cache](https://github.com/actions/toolkit/tree/HEAD/packages/tool-cache) from 2.0.1 to 2.0.2.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/tool-cache/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/tool-cache)

---
updated-dependencies:
- dependency-name: "@actions/tool-cache"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* check failures fix

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>

* Make eslint-compact matcher compatible with Stylelint (actions#98)

* Add support for indented eslint output (actions#1245)

* feat: support private mirrors (actions#1240)

* feat: support private mirrors

* chore: change fallback message with mirrors

* Bump @action/cache from 4.0.2 to 4.0.3 (actions#1262)

* Update versions.yml

* Update versions.yml

* actions/cache upgrade to 4.0.3

* events update

* npm audit fix revert

* npm adit fix revert

* Bump @octokit/request-error and @actions/github (actions#1227)

* Bump @octokit/request-error and @actions/github

Bumps [@octokit/request-error](https://github.com/octokit/request-error.js) to 5.1.1 and updates ancestor dependency [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github). These dependencies need to be updated together.


Updates `@octokit/request-error` from 2.1.0 to 5.1.1
- [Release notes](https://github.com/octokit/request-error.js/releases)
- [Commits](octokit/request-error.js@v2.1.0...v5.1.1)

Updates `@actions/github` from 5.1.1 to 6.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@octokit/request-error"
  dependency-type: indirect
- dependency-name: "@actions/github"
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix failures

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>

* Bump uuid from 9.0.1 to 11.1.0 (actions#1273)

* Bump uuid from 9.0.1 to 11.1.0

Bumps [uuid](https://github.com/uuidjs/uuid) from 9.0.1 to 11.1.0.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v9.0.1...v11.1.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 11.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Bump uuid from 9.0.1 to 11.1.0

Bumps [uuid](https://github.com/uuidjs/uuid) from 9.0.1 to 11.1.0.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md)
- [Commits](uuidjs/uuid@v9.0.1...v11.1.0)

---
updated-dependencies:
- dependency-name: uuid
  dependency-version: 11.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Fix failures

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>

* fix: build

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: suyashgaonkar <suyashgaonkar@github.com>
Co-authored-by: Suyash Gaonkar <39784472+suyashrg18@users.noreply.github.com>
Co-authored-by: Priya Gupta <147705955+priyagupta108@users.noreply.github.com>
Co-authored-by: Joel Ambass <Jcambass@users.noreply.github.com>
Co-authored-by: William Entriken <github.com@phor.net>
Co-authored-by: aparnajyothi-y <147696841+aparnajyothi-y@users.noreply.github.com>
Co-authored-by: John Wesley Walker III <81404201+jww3@users.noreply.github.com>
Co-authored-by: Peng Xiao <pengxiao@outlook.com>
Co-authored-by: Ben Wells <benwells@github.com>
Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>
Co-authored-by: gowridurgad <159780674+gowridurgad@users.noreply.github.com>
Co-authored-by: “gowridurgad” <“hgowridurgad@github.com>
Co-authored-by: Flo Edelmann <git@flo-edelmann.de>
Co-authored-by: fregante <me@fregante.com>
Co-authored-by: Marco Ippolito <marcoippolito54@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants