From 5e9b4fa727424d370e88a65cc4fbd700c3ba3fd6 Mon Sep 17 00:00:00 2001
From: Dimitrios Philliou <d1m1tr10s@github.com>
Date: Tue, 19 Nov 2024 10:38:43 -0800
Subject: [PATCH 1/7] Update README.md
Adding a note that the SDK does not apply to skillsets, and simplify the header title.
---
README.md | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/README.md b/README.md
index d904fc3..63857de 100644
--- a/README.md
+++ b/README.md
@@ -1,9 +1,11 @@
-# `@copilot-extensions/preview-sdk`
+# Preview SDK
-This SDK simplifies the process of building GitHub Copilot Extensions. Building Copilot Extensions previously required manual handling of request verification, response formatting, and API interactions. This SDK simplifies these tasks, allowing you to focus on your extension's core functionality rather than building boilerplate code. Use it to integrate your tools, APIs, or data sources directly into Copilot Chat.
+This SDK simplifies the process of building an GitHub Copilot Extension as an agent. Building Copilot Extensions previously required manual handling of request verification, response formatting, and API interactions. This SDK simplifies these tasks, allowing you to focus on your extension's core functionality rather than building boilerplate code. Use it to integrate your tools, APIs, or data sources directly into Copilot Chat.
We consider this SDK alpha software in terms of API stability, but we adhere to semantic-versioning, so it's safe to use today.
+> Note: This SDK does not apply to skillset extensions. It only applies to developing an agent extension. For more info, see the [docs on skillsets and agents](https://docs.github.com/en/copilot/building-copilot-extensions/about-building-copilot-extensions#about-skillsets-and-agents).
+
## Key features
- Request payload verification
From f6756190b2ec70c6aea4eaa0d3caafd1d3f06ba5 Mon Sep 17 00:00:00 2001
From: Dimitrios Philliou <d1m1tr10s@github.com>
Date: Tue, 19 Nov 2024 10:43:22 -0800
Subject: [PATCH 2/7] Update README.md
---
README.md | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/README.md b/README.md
index 63857de..82f7e06 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,8 @@ This SDK simplifies the process of building an GitHub Copilot Extension as an ag
We consider this SDK alpha software in terms of API stability, but we adhere to semantic-versioning, so it's safe to use today.
-> Note: This SDK does not apply to skillset extensions. It only applies to developing an agent extension. For more info, see the [docs on skillsets and agents](https://docs.github.com/en/copilot/building-copilot-extensions/about-building-copilot-extensions#about-skillsets-and-agents).
+> [!NOTE]
+> This SDK does not apply to skillset-based extensions. It only applies to building an agent. For more info, see the [docs on skillsets and agents](https://docs.github.com/en/copilot/building-copilot-extensions/about-building-copilot-extensions#about-skillsets-and-agents).
## Key features
From d7ac8a3f696b4c6de3b04befe829877e873ff957 Mon Sep 17 00:00:00 2001
From: marz <marzvrover@github.com>
Date: Fri, 22 Nov 2024 17:19:27 -0500
Subject: [PATCH 3/7] Add ssh support in codespace (#114)
---
.devcontainer/devcontainer.json | 7 ++++++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
index 88d1d01..83a8ef1 100644
--- a/.devcontainer/devcontainer.json
+++ b/.devcontainer/devcontainer.json
@@ -1,5 +1,10 @@
{
"name": "Node.js & TypeScript",
"image": "mcr.microsoft.com/devcontainers/typescript-node:1-22-bookworm",
- "postCreateCommand": "npm install"
+ "postCreateCommand": "npm install",
+ "features": {
+ "ghcr.io/devcontainers/features/sshd:1": {
+ "version": "latest"
+ }
+ }
}
From cd9908706dde7f6a34df7c0f98c7b2e2ac47f7b7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 26 Feb 2025 19:08:33 -0800
Subject: [PATCH 4/7] build(deps): bump @octokit/endpoint from 10.1.1 to 10.1.3
(#124)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [@octokit/endpoint](https://github.com/octokit/endpoint.js) from
10.1.1 to 10.1.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/octokit/endpoint.js/releases"><code>@octokit/endpoint</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v10.1.3</h2>
<h2><a
href="https://github.com/octokit/endpoint.js/compare/v10.1.2...v10.1.3">10.1.3</a>
(2025-02-13)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>Fix a ReDos vulnerability, reported by <a
href="https://github.com/ShiyuBanzhou"><code>@DayShift</code></a> (<a
href="https://github.com/octokit/endpoint.js/commit/6c9c5be033c450d436efb37de41b6470c22f7db8">6c9c5be</a>)</li>
</ul>
<h2>v10.1.2</h2>
<h2><a
href="https://github.com/octokit/endpoint.js/compare/v10.1.1...v10.1.2">10.1.2</a>
(2024-12-31)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@octokit/types</code> to improve
Deno compat (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/507">#507</a>)
(<a
href="https://github.com/octokit/endpoint.js/commit/15d700b870766d1cbc3bde3d6dd17895959de6f1">15d700b</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/octokit/endpoint.js/commit/d6cf1ad777b22f80b6f6ae88c03b4ed4139dd2d2"><code>d6cf1ad</code></a>
fix: linting issues breaking ci (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/514">#514</a>)</li>
<li><a
href="https://github.com/octokit/endpoint.js/commit/6c9c5be033c450d436efb37de41b6470c22f7db8"><code>6c9c5be</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/octokit/endpoint.js/commit/e472e223395f5d9a06aede19999c6144ac2f1c8b"><code>e472e22</code></a>
chore(deps): update dependency esbuild to ^0.25.0 (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/512">#512</a>)</li>
<li><a
href="https://github.com/octokit/endpoint.js/commit/b2ebcdafbbf95feca1a99a218eb5dd7bc29d6e49"><code>b2ebcda</code></a>
build(deps-dev): bump vitest and <code>@vitest/coverage-v8</code> (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/511">#511</a>)</li>
<li><a
href="https://github.com/octokit/endpoint.js/commit/76e3738cb787ded285610a4f305f5eccef65e9b7"><code>76e3738</code></a>
build(deps): bump vite from 5.4.6 to 6.0.11 (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/509">#509</a>)</li>
<li><a
href="https://github.com/octokit/endpoint.js/commit/c9ce54d84d19ddf4c176f4e21ca3ecbec1bde0de"><code>c9ce54d</code></a>
chore(deps): update vitest monorepo to v3 (major) (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/508">#508</a>)</li>
<li><a
href="https://github.com/octokit/endpoint.js/commit/15d700b870766d1cbc3bde3d6dd17895959de6f1"><code>15d700b</code></a>
fix(deps): bump <code>@octokit/types</code> to improve Deno compat (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/507">#507</a>)</li>
<li><a
href="https://github.com/octokit/endpoint.js/commit/a0a938ef55cb6aea699b51b351d107fe5f7b5a8f"><code>a0a938e</code></a>
chore(deps): update dependency prettier to v3.4.2 (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/506">#506</a>)</li>
<li><a
href="https://github.com/octokit/endpoint.js/commit/2e92021d2353bdcad8d8e3e08a9f043ee4ae18c0"><code>2e92021</code></a>
chore(deps): update dependency prettier to v3.4.1 (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/505">#505</a>)</li>
<li><a
href="https://github.com/octokit/endpoint.js/commit/55ee6d677c88ddf358b30c202a8136037371cca8"><code>55ee6d6</code></a>
chore(deps): update dependency prettier to v3.4.0 (<a
href="https://redirect.github.com/octokit/endpoint.js/issues/504">#504</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/octokit/endpoint.js/compare/v10.1.1...v10.1.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/copilot-extensions/preview-sdk.js/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
package-lock.json | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index db5369d..96da165 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -340,12 +340,12 @@
}
},
"node_modules/@octokit/endpoint": {
- "version": "10.1.1",
- "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-10.1.1.tgz",
- "integrity": "sha512-JYjh5rMOwXMJyUpj028cu0Gbp7qe/ihxfJMLc8VZBMMqSwLgOxDI1911gV4Enl1QSavAQNJcwmwBF9M0VvLh6Q==",
+ "version": "10.1.3",
+ "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-10.1.3.tgz",
+ "integrity": "sha512-nBRBMpKPhQUxCsQQeW+rCJ/OPSMcj3g0nfHn01zGYZXuNDvvXudF/TYY6APj5THlurerpFN4a/dQAIAaM6BYhA==",
"license": "MIT",
"dependencies": {
- "@octokit/types": "^13.0.0",
+ "@octokit/types": "^13.6.2",
"universal-user-agent": "^7.0.2"
},
"engines": {
@@ -353,9 +353,9 @@
}
},
"node_modules/@octokit/openapi-types": {
- "version": "22.2.0",
- "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-22.2.0.tgz",
- "integrity": "sha512-QBhVjcUa9W7Wwhm6DBFu6ZZ+1/t/oYxqc2tp81Pi41YNuJinbFRx8B133qVOrAaBbF7D/m0Et6f9/pZt9Rc+tg==",
+ "version": "23.0.1",
+ "resolved": "https://registry.npmjs.org/@octokit/openapi-types/-/openapi-types-23.0.1.tgz",
+ "integrity": "sha512-izFjMJ1sir0jn0ldEKhZ7xegCTj/ObmEDlEfpFrx4k/JyZSMRHbO3/rBwgE7f3m2DHt+RrNGIVw4wSmwnm3t/g==",
"license": "MIT"
},
"node_modules/@octokit/request": {
@@ -386,12 +386,12 @@
}
},
"node_modules/@octokit/types": {
- "version": "13.5.0",
- "resolved": "https://registry.npmjs.org/@octokit/types/-/types-13.5.0.tgz",
- "integrity": "sha512-HdqWTf5Z3qwDVlzCrP8UJquMwunpDiMPt5er+QjGzL4hqr/vBVY/MauQgS1xWxCDT1oMx1EULyqxncdCY/NVSQ==",
+ "version": "13.8.0",
+ "resolved": "https://registry.npmjs.org/@octokit/types/-/types-13.8.0.tgz",
+ "integrity": "sha512-x7DjTIbEpEWXK99DMd01QfWy0hd5h4EN+Q7shkdKds3otGQP+oWE/y0A76i1OvH9fygo4ddvNf7ZvF0t78P98A==",
"license": "MIT",
"dependencies": {
- "@octokit/openapi-types": "^22.2.0"
+ "@octokit/openapi-types": "^23.0.1"
}
},
"node_modules/@pkgjs/parseargs": {
From a19fc089b5afca651a760882141a35e0cb028f0f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 26 Feb 2025 19:09:03 -0800
Subject: [PATCH 5/7] build(deps-dev): bump undici from 6.19.8 to 6.21.1 (#123)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [undici](https://github.com/nodejs/undici) from 6.19.8 to 6.21.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nodejs/undici/releases">undici's
releases</a>.</em></p>
<blockquote>
<h2>v6.21.1</h2>
<h1>⚠️ Security Release ⚠️</h1>
<p>Fixes CVE CVE-2025-22150 <a
href="https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975">https://github.com/nodejs/undici/security/advisories/GHSA-c76h-2ccp-4975</a>
(embargoed until 22-01-2025).</p>
<h2>What's Changed</h2>
<ul>
<li>fix(<a
href="https://redirect.github.com/nodejs/undici/issues/3736">#3736</a>):
back-port 183f8e9 to v6.x by <a
href="https://github.com/ggoodman"><code>@ggoodman</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/3855">nodejs/undici#3855</a></li>
<li>fix(<a
href="https://redirect.github.com/nodejs/undici/issues/3817">#3817</a>):
send servername for SNI on TLS (<a
href="https://redirect.github.com/nodejs/undici/issues/3821">#3821</a>)
[backport] by <a
href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/3864">nodejs/undici#3864</a></li>
<li>fix: sending formdata bodies with http2 (<a
href="https://redirect.github.com/nodejs/undici/issues/3863">#3863</a>)
[backport] by <a
href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/3866">nodejs/undici#3866</a></li>
<li>[Backport v6.x] fix: Fixed the issue that there is no running
request when http2 goaway by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3877">nodejs/undici#3877</a></li>
<li>types: [backport] Update return type of RetryCallback (<a
href="https://redirect.github.com/nodejs/undici/issues/3851">#3851</a>)
by <a href="https://github.com/metcoder95"><code>@metcoder95</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3876">nodejs/undici#3876</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v6.21.0...v6.21.1">https://github.com/nodejs/undici/compare/v6.21.0...v6.21.1</a></p>
<h2>v6.21.0</h2>
<h2>What's Changed</h2>
<ul>
<li>[Backport v6.x] web: mark as uncloneable when possible (<a
href="https://redirect.github.com/nodejs/undici/issues/3709">#3709</a>)
by <a href="https://github.com/jazelly"><code>@jazelly</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/3744">nodejs/undici#3744</a></li>
<li>[Backport v6.x] fetch: fix content-encoding order by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3764">nodejs/undici#3764</a></li>
<li>[Backport v6.x] fix: handle undefined deref() of WeakRef(socket) by
<a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3822">nodejs/undici#3822</a></li>
<li>[Backport v6.x] fix: range end is zero-indexed by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3827">nodejs/undici#3827</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v6.20.1...v6.21.0">https://github.com/nodejs/undici/compare/v6.20.1...v6.21.0</a></p>
<h2>v6.20.1</h2>
<h2>What's Changed</h2>
<ul>
<li>[Backport v6.x] jsdoc: add jsdoc to lib/web/fetch/constants.js by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3710">nodejs/undici#3710</a></li>
<li>[Backport v6.x] feat: implement <code>BodyReadable.bytes</code> by
<a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3711">nodejs/undici#3711</a></li>
<li>fix: add more expectsPayload methods by <a
href="https://github.com/ronag"><code>@ronag</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/3715">nodejs/undici#3715</a></li>
<li>[Backport v6.x] chore(H2): onboard H2 into Undici queueing system
(<a
href="https://redirect.github.com/nodejs/undici/issues/3707">#3707</a>)
by <a href="https://github.com/Uzlopak"><code>@Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/3724">nodejs/undici#3724</a></li>
<li>[Backport v6.x] fix: PoolBase kClose and kDestroy should await and
not return the Promise by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3723">nodejs/undici#3723</a></li>
<li>[Backport v6.x] fix: extract noop everywhere by <a
href="https://github.com/Uzlopak"><code>@Uzlopak</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/3727">nodejs/undici#3727</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nodejs/undici/compare/v6.20.0...v6.20.1">https://github.com/nodejs/undici/compare/v6.20.0...v6.20.1</a></p>
<h2>v6.20.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Remove patched dom types (<code>v6.x</code> branch) by <a
href="https://github.com/eXhumer"><code>@eXhumer</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/3531">nodejs/undici#3531</a></li>
<li>docs(Backport v6.x): Fix signature of RetryHandler by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3594">nodejs/undici#3594</a></li>
<li>deps(dev): update <code>@types/node</code> by <a
href="https://github.com/metcoder95"><code>@metcoder95</code></a> in <a
href="https://redirect.github.com/nodejs/undici/pull/3618">nodejs/undici#3618</a></li>
<li>fix: throw on retry when payload is consume by downstream by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3596">nodejs/undici#3596</a></li>
<li>feat(Backport v6.x): move throwOnError to interceptor by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3595">nodejs/undici#3595</a></li>
<li>[Backport v6.x] fix: reduce memory usage in client-h1 by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3672">nodejs/undici#3672</a></li>
<li>[Backport v6.x] fix: refactor fast timers, fix
UND_ERR_CONNECT_TIMEOUT on event loop blocking by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3673">nodejs/undici#3673</a></li>
<li>[Backport v6.x] fix: run asserts first if possible by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3674">nodejs/undici#3674</a></li>
<li>[Backport v6.x] fix: use fasttimers for all connection timeouts by
<a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3675">nodejs/undici#3675</a></li>
<li>[Backport v6.x] ci: less flaky test/request-timeout.js test by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3678">nodejs/undici#3678</a></li>
<li>[Backport v6.x] test: less flaky timers acceptance test, rework fast
timer tests to pass them faster by <a
href="https://github.com/github-actions"><code>@github-actions</code></a>
in <a
href="https://redirect.github.com/nodejs/undici/pull/3679">nodejs/undici#3679</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nodejs/undici/commit/e260e7bb173abe3399dabd61338ca4a71fcf8825"><code>e260e7b</code></a>
Bumped v6.21.1</li>
<li><a
href="https://github.com/nodejs/undici/commit/c3acc6050b781b827d80c86cbbab34f14458d385"><code>c3acc60</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/nodejs/undici/commit/2414bc9f7d651f830902af00238e1b11d9a389dc"><code>2414bc9</code></a>
Update return type of RetryCallback (<a
href="https://redirect.github.com/nodejs/undici/issues/3851">#3851</a>)
(<a
href="https://redirect.github.com/nodejs/undici/issues/3876">#3876</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/be8cd0afa0cf8207d8849026f2ee6fdc6dc9dcec"><code>be8cd0a</code></a>
[Backport v6.x] fix: Fixed the issue that there is no running request
when ht...</li>
<li><a
href="https://github.com/nodejs/undici/commit/ee6176cd2e09853c868bf5bc1a34bf0500963e4d"><code>ee6176c</code></a>
fix: sending formdata bodies with http2 (<a
href="https://redirect.github.com/nodejs/undici/issues/3863">#3863</a>)
[backport] (<a
href="https://redirect.github.com/nodejs/undici/issues/3866">#3866</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/a0220f14bfd2a404173eacc94aa1722829075283"><code>a0220f1</code></a>
fix(<a
href="https://redirect.github.com/nodejs/undici/issues/3817">#3817</a>):
send servername for SNI on TLS (<a
href="https://redirect.github.com/nodejs/undici/issues/3821">#3821</a>)
[backport] (<a
href="https://redirect.github.com/nodejs/undici/issues/3864">#3864</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/353ab63188af904a17030d96018d6193247d7d18"><code>353ab63</code></a>
fix(<a
href="https://redirect.github.com/nodejs/undici/issues/3736">#3736</a>):
back-port 183f8e9 to v6.x (<a
href="https://redirect.github.com/nodejs/undici/issues/3855">#3855</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/61ec3531a64ffeec953a990c11735ff09455de4e"><code>61ec353</code></a>
Bumped v6.21.0</li>
<li><a
href="https://github.com/nodejs/undici/commit/11e31a4fdc92b09dc47f2cc5c30f5e975e6b6499"><code>11e31a4</code></a>
fix: range end is zero-indexed (<a
href="https://redirect.github.com/nodejs/undici/issues/3826">#3826</a>)
(<a
href="https://redirect.github.com/nodejs/undici/issues/3827">#3827</a>)</li>
<li><a
href="https://github.com/nodejs/undici/commit/98d1b1b2bdbe6137d4b4156b5fbe33af44bdb293"><code>98d1b1b</code></a>
fix: handle undefined deref() of WeakRef(socket) (<a
href="https://redirect.github.com/nodejs/undici/issues/3751">#3751</a>)
(<a
href="https://redirect.github.com/nodejs/undici/issues/3822">#3822</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/nodejs/undici/compare/v6.19.8...v6.21.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/copilot-extensions/preview-sdk.js/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
package-lock.json | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index 96da165..c95a59e 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -4217,9 +4217,9 @@
}
},
"node_modules/undici": {
- "version": "6.19.8",
- "resolved": "https://registry.npmjs.org/undici/-/undici-6.19.8.tgz",
- "integrity": "sha512-U8uCCl2x9TK3WANvmBavymRzxbfFYG+tAu+fgx3zxQy3qdagQqBLwJVrdyO1TBfUXvfKveMKJZhpvUYoOjM+4g==",
+ "version": "6.21.1",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.1.tgz",
+ "integrity": "sha512-q/1rj5D0/zayJB2FraXdaWxbhWiNKDvu8naDT2dl1yTlvJp4BLtOcp2a5BvgGNQpYYJzau7tf1WgKv3b+7mqpQ==",
"dev": true,
"license": "MIT",
"engines": {
From ae2cfb60cdc1b87bda7c369f7fd129b1554717f6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 26 Feb 2025 19:09:24 -0800
Subject: [PATCH 6/7] build(deps): bump @octokit/request from 9.1.3 to 9.2.1
(#122)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps [@octokit/request](https://github.com/octokit/request.js) from
9.1.3 to 9.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/octokit/request.js/releases"><code>@octokit/request</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v9.2.1</h2>
<h2><a
href="https://github.com/octokit/request.js/compare/v9.2.0...v9.2.1">9.2.1</a>
(2025-02-13)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>mitigate ReDos vulnerabilities & lint (<a
href="https://redirect.github.com/octokit/request.js/issues/738">#738</a>)
(<a
href="https://github.com/octokit/request.js/commit/6bb29ba92a52f7bf94469c3433707c682c17126c">6bb29ba</a>)</li>
</ul>
<h2>v9.2.0</h2>
<h1><a
href="https://github.com/octokit/request.js/compare/v9.1.4...v9.2.0">9.2.0</a>
(2025-01-16)</h1>
<h3>Features</h3>
<ul>
<li>correctly parse response bodies as JSON where the Content-Type is
<code>application/scim+json</code> (<a
href="https://redirect.github.com/octokit/request.js/issues/731">#731</a>)
(<a
href="https://github.com/octokit/request.js/commit/00bf316136acf001344a5bacff906f1748e6c368">00bf316</a>)</li>
</ul>
<h2>v9.1.4</h2>
<h2><a
href="https://github.com/octokit/request.js/compare/v9.1.3...v9.1.4">9.1.4</a>
(2024-12-29)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@octokit/types</code> to fix deno
compat (<a
href="https://redirect.github.com/octokit/request.js/issues/730">#730</a>)
(<a
href="https://github.com/octokit/request.js/commit/324ffef20c305f9db4813b84518c40e2f3cd76b0">324ffef</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/octokit/request.js/commit/6bb29ba92a52f7bf94469c3433707c682c17126c"><code>6bb29ba</code></a>
fix: mitigate ReDos vulnerabilities & lint (<a
href="https://redirect.github.com/octokit/request.js/issues/738">#738</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/34ff07ee86fc5c20865982d77391bc910ef19c68"><code>34ff07e</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/octokit/request.js/commit/a0e96b3e417e6fd5053dbf9c7a270c71fa8cdb62"><code>a0e96b3</code></a>
chore(deps): update dependency esbuild to ^0.25.0 (<a
href="https://redirect.github.com/octokit/request.js/issues/736">#736</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/d27daa74251b4ed9af73e651bd754199d60fdc0a"><code>d27daa7</code></a>
build(deps-dev): bump vitest and <code>@vitest/coverage-v8</code> (<a
href="https://redirect.github.com/octokit/request.js/issues/735">#735</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/bc07c8ada3d4e2d25ec6c0238bd38b2e9a178df8"><code>bc07c8a</code></a>
build(deps): bump vite from 5.4.6 to 6.0.11 (<a
href="https://redirect.github.com/octokit/request.js/issues/734">#734</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/4266a84dd0b97196da3af721a8a83dd294b149b6"><code>4266a84</code></a>
build(deps-dev): bump undici from 6.19.2 to 6.21.1 (<a
href="https://redirect.github.com/octokit/request.js/issues/733">#733</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/c2d27a22a8bba26f44d6ef1da916be4b38858c19"><code>c2d27a2</code></a>
chore(deps): update vitest monorepo to v3 (major) (<a
href="https://redirect.github.com/octokit/request.js/issues/732">#732</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/00bf316136acf001344a5bacff906f1748e6c368"><code>00bf316</code></a>
feat: correctly parse response bodies as JSON where the Content-Type is
`appl...</li>
<li><a
href="https://github.com/octokit/request.js/commit/324ffef20c305f9db4813b84518c40e2f3cd76b0"><code>324ffef</code></a>
fix(deps): bump <code>@octokit/types</code> to fix deno compat (<a
href="https://redirect.github.com/octokit/request.js/issues/730">#730</a>)</li>
<li><a
href="https://github.com/octokit/request.js/commit/70bf3e2c0e722cd6ca0374c63cb34636760eec30"><code>70bf3e2</code></a>
chore(deps): update dependency prettier to v3.4.2 (<a
href="https://redirect.github.com/octokit/request.js/issues/729">#729</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/octokit/request.js/compare/v9.1.3...v9.2.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/copilot-extensions/preview-sdk.js/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
package-lock.json | 37 +++++++++++++++++++++++++++----------
1 file changed, 27 insertions(+), 10 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index c95a59e..588e8b7 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -359,14 +359,15 @@
"license": "MIT"
},
"node_modules/@octokit/request": {
- "version": "9.1.3",
- "resolved": "https://registry.npmjs.org/@octokit/request/-/request-9.1.3.tgz",
- "integrity": "sha512-V+TFhu5fdF3K58rs1pGUJIDH5RZLbZm5BI+MNF+6o/ssFNT4vWlCh/tVpF3NxGtP15HUxTTMUbsG5llAuU2CZA==",
+ "version": "9.2.1",
+ "resolved": "https://registry.npmjs.org/@octokit/request/-/request-9.2.1.tgz",
+ "integrity": "sha512-TqHLIdw1KFvx8WvLc7Jv94r3C3+AzKY2FWq7c20zvrxmCIa6MCVkLCE/826NCXnml3LFJjLsidDh1BhMaGEDQw==",
"license": "MIT",
"dependencies": {
- "@octokit/endpoint": "^10.0.0",
- "@octokit/request-error": "^6.0.1",
- "@octokit/types": "^13.1.0",
+ "@octokit/endpoint": "^10.1.3",
+ "@octokit/request-error": "^6.1.6",
+ "@octokit/types": "^13.6.2",
+ "fast-content-type-parse": "^2.0.0",
"universal-user-agent": "^7.0.2"
},
"engines": {
@@ -374,12 +375,12 @@
}
},
"node_modules/@octokit/request-error": {
- "version": "6.1.4",
- "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-6.1.4.tgz",
- "integrity": "sha512-VpAhIUxwhWZQImo/dWAN/NpPqqojR6PSLgLYAituLM6U+ddx9hCioFGwBr5Mi+oi5CLeJkcAs3gJ0PYYzU6wUg==",
+ "version": "6.1.7",
+ "resolved": "https://registry.npmjs.org/@octokit/request-error/-/request-error-6.1.7.tgz",
+ "integrity": "sha512-69NIppAwaauwZv6aOzb+VVLwt+0havz9GT5YplkeJv7fG7a40qpLt/yZKyiDxAhgz0EtgNdNcb96Z0u+Zyuy2g==",
"license": "MIT",
"dependencies": {
- "@octokit/types": "^13.0.0"
+ "@octokit/types": "^13.6.2"
},
"engines": {
"node": ">= 18"
@@ -1716,6 +1717,22 @@
"node": ">=0.10.0"
}
},
+ "node_modules/fast-content-type-parse": {
+ "version": "2.0.1",
+ "resolved": "https://registry.npmjs.org/fast-content-type-parse/-/fast-content-type-parse-2.0.1.tgz",
+ "integrity": "sha512-nGqtvLrj5w0naR6tDPfB4cUmYCqouzyQiz6C5y/LtcDllJdrcc6WaWW6iXyIIOErTa/XRybj28aasdn4LkVk6Q==",
+ "funding": [
+ {
+ "type": "github",
+ "url": "https://github.com/sponsors/fastify"
+ },
+ {
+ "type": "opencollective",
+ "url": "https://opencollective.com/fastify"
+ }
+ ],
+ "license": "MIT"
+ },
"node_modules/fast-diff": {
"version": "1.3.0",
"resolved": "https://registry.npmjs.org/fast-diff/-/fast-diff-1.3.0.tgz",
From 6593a2f0df1b9f39183dd5180b161ce07f714f1e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 26 Feb 2025 19:09:45 -0800
Subject: [PATCH 7/7] build(deps): bump @octokit/request-error from 6.1.4 to
6.1.7 (#121)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps
[@octokit/request-error](https://github.com/octokit/request-error.js)
from 6.1.4 to 6.1.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/octokit/request-error.js/releases"><code>@octokit/request-error</code>'s
releases</a>.</em></p>
<blockquote>
<h2>v6.1.7</h2>
<h2><a
href="https://github.com/octokit/request-error.js/compare/v6.1.6...v6.1.7">6.1.7</a>
(2025-02-13)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>ReDos regex vulnerability, reported by <a
href="https://github.com/DayShift"><code>@DayShift</code></a>
(d558320874a4bc8d356babf1079e6f0056a59b9e)</li>
</ul>
<h2>v6.1.6</h2>
<h2><a
href="https://github.com/octokit/request-error.js/compare/v6.1.5...v6.1.6">6.1.6</a>
(2024-12-29)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@octokit/types</code> to fix Deno
compat (<a
href="https://redirect.github.com/octokit/request-error.js/issues/483">#483</a>)
(<a
href="https://github.com/octokit/request-error.js/commit/e01d47097869e3b12c1796dcc71b8c07136bc425">e01d470</a>)</li>
</ul>
<h2>v6.1.5</h2>
<h2><a
href="https://github.com/octokit/request-error.js/compare/v6.1.4...v6.1.5">6.1.5</a>
(2024-09-24)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>types:</strong> add explicit <code>| undefined</code> to
optional fields (<a
href="https://redirect.github.com/octokit/request-error.js/issues/462">#462</a>)
(<a
href="https://github.com/octokit/request-error.js/commit/43fc3bdb57708636ebb57262e8bcff2f735fb338">43fc3bd</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/octokit/request-error.js/commit/c346f5cf3ee93d4937fbf0cbf4b39763a0a6c110"><code>c346f5c</code></a>
fix: linting issues (<a
href="https://redirect.github.com/octokit/request-error.js/issues/494">#494</a>)</li>
<li><a
href="https://github.com/octokit/request-error.js/commit/d558320874a4bc8d356babf1079e6f0056a59b9e"><code>d558320</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/octokit/request-error.js/commit/5046116f2e0b3feea55ac7e722742541b0fbc7f3"><code>5046116</code></a>
chore(deps): update dependency esbuild to ^0.25.0 (<a
href="https://redirect.github.com/octokit/request-error.js/issues/491">#491</a>)</li>
<li><a
href="https://github.com/octokit/request-error.js/commit/50513bae3c8eaac464f6c0899fa4e53ab966367f"><code>50513ba</code></a>
build(deps): lock file maintenance (<a
href="https://redirect.github.com/octokit/request-error.js/issues/490">#490</a>)</li>
<li><a
href="https://github.com/octokit/request-error.js/commit/bd5e83f63fb942dc76d3373e335371266136eb8b"><code>bd5e83f</code></a>
build(deps): lock file maintenance (<a
href="https://redirect.github.com/octokit/request-error.js/issues/488">#488</a>)</li>
<li><a
href="https://github.com/octokit/request-error.js/commit/d204ea39c9be32c2791ed89cd1f63a6cc6bfb1f1"><code>d204ea3</code></a>
build(deps): lock file maintenance (<a
href="https://redirect.github.com/octokit/request-error.js/issues/486">#486</a>)</li>
<li><a
href="https://github.com/octokit/request-error.js/commit/ab1585a53378efa7670f2873230ced7b3f9359fd"><code>ab1585a</code></a>
chore(deps): update vitest monorepo to v3 (major) (<a
href="https://redirect.github.com/octokit/request-error.js/issues/487">#487</a>)</li>
<li><a
href="https://github.com/octokit/request-error.js/commit/03a7e12507d46044e463aaf71140d0661e6815c1"><code>03a7e12</code></a>
build(deps): lock file maintenance (<a
href="https://redirect.github.com/octokit/request-error.js/issues/485">#485</a>)</li>
<li><a
href="https://github.com/octokit/request-error.js/commit/cb4feec67c6c43690f014d8a92081c68bbb5a032"><code>cb4feec</code></a>
build(deps): lock file maintenance (<a
href="https://redirect.github.com/octokit/request-error.js/issues/484">#484</a>)</li>
<li><a
href="https://github.com/octokit/request-error.js/commit/e01d47097869e3b12c1796dcc71b8c07136bc425"><code>e01d470</code></a>
fix(deps): bump <code>@octokit/types</code> to fix Deno compat (<a
href="https://redirect.github.com/octokit/request-error.js/issues/483">#483</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/octokit/request-error.js/compare/v6.1.4...v6.1.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/copilot-extensions/preview-sdk.js/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>