Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the npm_and_yarn group across 1 directory with 2 updates #375

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the npm_and_yarn group across 1 directory with 2 updates #375

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 14, 2025

Bumps the npm_and_yarn group with 2 updates in the /cli directory: @octokit/request and @octokit/core.

Updates @octokit/request from 6.2.1 to 9.2.1

Release notes

Sourced from @​octokit/request's releases.

v9.2.1

9.2.1 (2025-02-13)

Bug Fixes

  • mitigate ReDos vulnerabilities & lint (#738) (6bb29ba)

v9.2.0

9.2.0 (2025-01-16)

Features

  • correctly parse response bodies as JSON where the Content-Type is application/scim+json (#731) (00bf316)

v9.1.4

9.1.4 (2024-12-29)

Bug Fixes

  • deps: bump @octokit/types to fix deno compat (#730) (324ffef)

v9.1.3

9.1.3 (2024-07-14)

Bug Fixes

v9.1.2

9.1.2 (2024-07-13)

Bug Fixes

  • refactor: async await instead of Promise chain (#711) (611b275)

v9.1.1

9.1.1 (2024-04-15)

Bug Fixes

  • pkg: add default fallback to exports (#688) (9866c41)

v9.1.0

9.1.0 (2024-04-09)

... (truncated)

Commits
  • 6bb29ba fix: mitigate ReDos vulnerabilities & lint (#738)
  • 34ff07e Merge commit from fork
  • a0e96b3 chore(deps): update dependency esbuild to ^0.25.0 (#736)
  • d27daa7 build(deps-dev): bump vitest and @​vitest/coverage-v8 (#735)
  • bc07c8a build(deps): bump vite from 5.4.6 to 6.0.11 (#734)
  • 4266a84 build(deps-dev): bump undici from 6.19.2 to 6.21.1 (#733)
  • c2d27a2 chore(deps): update vitest monorepo to v3 (major) (#732)
  • 00bf316 feat: correctly parse response bodies as JSON where the Content-Type is `appl...
  • 324ffef fix(deps): bump @octokit/types to fix deno compat (#730)
  • 70bf3e2 chore(deps): update dependency prettier to v3.4.2 (#729)
  • Additional commits viewable in compare view

Updates @octokit/core from 4.0.5 to 6.1.4

Release notes

Sourced from @​octokit/core's releases.

v6.1.4

6.1.4 (2025-02-13)

Bug Fixes

  • deps: bump Octokit dependencies vulnerable to ReDos (#723) (582d8bd)

v6.1.3

6.1.3 (2025-01-03)

Bug Fixes

  • deps: bump Octokit dependencies to fix Deno compat (#715) (e2b21bb)

v6.1.2

6.1.2 (2024-04-09)

Bug Fixes

v6.1.1

6.1.1 (2024-04-03)

Bug Fixes

  • deps: update dependency @​octokit/types to v13 (ade2813)

v6.1.0

6.1.0 (2024-04-03)

Features

v6.0.1

6.0.1 (2024-02-26)

Bug Fixes

v6.0.0

6.0.0 (2024-02-25)

... (truncated)

Commits
  • 582d8bd fix(deps): bump Octokit dependencies vulnerable to ReDos (#723)
  • 4c21074 chore(deps): update dependency esbuild to ^0.25.0 (#721)
  • 5fa1fe1 chore(deps-dev): bump vitest and @​vitest/coverage-v8 (#720)
  • c064e48 chore(deps-dev): bump vite from 5.4.6 to 6.0.11 (#719)
  • 21587d7 chore(deps): update dependency undici to v6.21.1 [security] (#718)
  • 4e6e8e7 chore(deps): update vitest monorepo to v3 (major) (#716)
  • e2b21bb fix(deps): bump Octokit dependencies to fix Deno compat (#715)
  • 53c4aef chore(deps): remove unused dependency @​types/jest (#714)
  • 50c5386 chore(deps): update dependency prettier to v3.4.2 (#712)
  • 22bbb08 chore(deps): update dependency @​sinonjs/fake-timers to v14 (#713)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump the npm_and_yarn group across 1 directory with 2 updates
2f9e476 
Bumps the npm_and_yarn group with 2 updates in the /cli directory: [@octokit/request](https://github.com/octokit/request.js) and [@octokit/core](https://github.com/octokit/core.js).


Updates `@octokit/request` from 6.2.1 to 9.2.1
- [Release notes](https://github.com/octokit/request.js/releases)
- [Commits](octokit/request.js@v6.2.1...v9.2.1)

Updates `@octokit/core` from 4.0.5 to 6.1.4
- [Release notes](https://github.com/octokit/core.js/releases)
- [Commits](octokit/core.js@v4.0.5...v6.1.4)

---
updated-dependencies:
- dependency-name: "@octokit/request"
  dependency-type: indirect
  dependency-group: npm_and_yarn
- dependency-name: "@octokit/core"
  dependency-type: direct:production
  dependency-group: npm_and_yarn
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from cjwooo as a code owner February 14, 2025 19:47
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 14, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cjwooo cjwooo Awaiting requested review from cjwooo cjwooo is a code owner

@tovbinm tovbinm Awaiting requested review from tovbinm tovbinm is a code owner

@ypc-faros ypc-faros Awaiting requested review from ypc-faros ypc-faros is a code owner

@thomas-gerber thomas-gerber Awaiting requested review from thomas-gerber thomas-gerber is a code owner

@ogusak ogusak Awaiting requested review from ogusak ogusak is a code owner

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants