Skip to content

chore(deps): bump @octokit/request-error, @actions/github, @octokit/core and lerna#6092

Closed
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/multi-fe332d26c1
Closed

chore(deps): bump @octokit/request-error, @actions/github, @octokit/core and lerna#6092
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/multi-fe332d26c1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Feb 14, 2025
edited
Loading

Bumps @octokit/request-error to 6.1.7 and updates ancestor dependencies @octokit/request-error, @actions/github, @octokit/core and lerna. These dependencies need to be updated together.

Updates @octokit/request-error from 2.1.0 to 6.1.7

Release notes

Sourced from @​octokit/request-error's releases.

v6.1.7

6.1.7 (2025-02-13)

Bug Fixes

  • ReDos regex vulnerability, reported by @​DayShift (d558320874a4bc8d356babf1079e6f0056a59b9e)

v6.1.6

6.1.6 (2024-12-29)

Bug Fixes

  • deps: bump @octokit/types to fix Deno compat (#483) (e01d470)

v6.1.5

6.1.5 (2024-09-24)

Bug Fixes

  • types: add explicit | undefined to optional fields (#462) (43fc3bd)

v6.1.4

6.1.4 (2024-07-11)

Bug Fixes

  • improve perf of request error instantiations (#444) (ba04ffa)

v6.1.3

6.1.3 (2024-07-11)

Bug Fixes

v6.1.2

6.1.2 (2024-07-10)

Bug Fixes

  • ensure statusCode is always an integer (#439) (6eb8634)

v6.1.1

6.1.1 (2024-04-16)

... (truncated)

Commits

Updates @actions/github from 5.1.1 to 6.0.0

Changelog

Sourced from @​actions/github's changelog.

6.0.0

  • Support the latest Octokit in @​actions/github #1553
    • Drop support of NodeJS v14, v16
Commits

Updates @octokit/core from 4.2.4 to 6.1.4

Release notes

Sourced from @​octokit/core's releases.

v6.1.4

6.1.4 (2025-02-13)

Bug Fixes

  • deps: bump Octokit dependencies vulnerable to ReDos (#723) (582d8bd)

v6.1.3

6.1.3 (2025-01-03)

Bug Fixes

  • deps: bump Octokit dependencies to fix Deno compat (#715) (e2b21bb)

v6.1.2

6.1.2 (2024-04-09)

Bug Fixes

v6.1.1

6.1.1 (2024-04-03)

Bug Fixes

  • deps: update dependency @​octokit/types to v13 (ade2813)

v6.1.0

6.1.0 (2024-04-03)

Features

v6.0.1

6.0.1 (2024-02-26)

Bug Fixes

v6.0.0

6.0.0 (2024-02-25)

... (truncated)

Commits
  • 582d8bd fix(deps): bump Octokit dependencies vulnerable to ReDos (#723)
  • 4c21074 chore(deps): update dependency esbuild to ^0.25.0 (#721)
  • 5fa1fe1 chore(deps-dev): bump vitest and @​vitest/coverage-v8 (#720)
  • c064e48 chore(deps-dev): bump vite from 5.4.6 to 6.0.11 (#719)
  • 21587d7 chore(deps): update dependency undici to v6.21.1 [security] (#718)
  • 4e6e8e7 chore(deps): update vitest monorepo to v3 (major) (#716)
  • e2b21bb fix(deps): bump Octokit dependencies to fix Deno compat (#715)
  • 53c4aef chore(deps): remove unused dependency @​types/jest (#714)
  • 50c5386 chore(deps): update dependency prettier to v3.4.2 (#712)
  • 22bbb08 chore(deps): update dependency @​sinonjs/fake-timers to v14 (#713)
  • Additional commits viewable in compare view

Updates lerna from 5.5.4 to 8.1.9

Release notes

Sourced from lerna's releases.

v8.1.9

8.1.9 (2024-10-31)

Bug Fixes

  • add extends property in schema (#4075) (28c8ef2)
  • core: avoid reading empty .config.json, upgrade cosmiconfig@v9.0.0 (#4062) (960bdd9)
  • update nx support to latest v20 (#4103) (cb37f19)
  • version: enable changing commit message when using amend (#3954) (529e83f)

Features

  • publish: support full file path for --summary-file (#4039) (cfd573a)

v8.1.8

8.1.8 (2024-08-05)

Bug Fixes

  • publish: upgrade @​npmcli/arborist to 7.5.4 (#4058) (89de0eb)
  • version: truncate release body based on maximum size allowed by VCS client (#4041) (3c2a3c9)

Features

  • publish: enable throttling when publishing modules (#4013) (fccca12)

v8.1.7

8.1.7 (2024-07-21)

Bug Fixes

v8.1.6

8.1.6 (2024-07-05)

Bug Fixes

v8.1.5

8.1.5 (2024-06-24)

... (truncated)

Changelog

Sourced from lerna's changelog.

8.1.9 (2024-10-31)

Bug Fixes

  • add extends property in schema (#4075) (28c8ef2)
  • core: avoid reading empty .config.json, upgrade cosmiconfig@v9.0.0 (#4062) (960bdd9)
  • update nx support to latest v20 (#4103) (cb37f19)

8.1.8 (2024-08-05)

Bug Fixes

  • publish: upgrade @​npmcli/arborist to 7.5.4 (#4058) (89de0eb)

8.1.7 (2024-07-21)

Bug Fixes

8.1.6 (2024-07-05)

Bug Fixes

8.1.5 (2024-06-24)

Bug Fixes

  • update npm utility dependencies and related packages (#4033) (bd1c2d8)

8.1.4 (2024-06-09)

Note: Version bump only for package lerna

8.1.3 (2024-05-13)

Bug Fixes

8.1.2 (2024-02-05)

Note: Version bump only for package lerna

8.1.1 (2024-02-05)

Note: Version bump only for package lerna

... (truncated)

Commits
  • 7d1338d chore(misc): publish 8.1.9
  • cb37f19 fix: update nx support to latest v20 (#4103)
  • 28c8ef2 fix: add extends property in schema (#4075)
  • 960bdd9 fix(core): avoid reading empty .config.json, upgrade cosmiconfig@v9.0.0 (#4062)
  • 0343c31 chore(misc): publish 8.1.8
  • 3cd9bc9 chore: update e2e-repair snapshots with new output (#4059)
  • 89de0eb fix(publish): upgrade @​npmcli/arborist to 7.5.4 (#4058)
  • 10fcb3a chore(misc): publish 8.1.7
  • 6e5cfbc fix: set explicit strip-ansi dependency (#4045)
  • 8d68f1d chore(misc): publish 8.1.6
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
chore(deps): bump @octokit/request-error, @actions/github, @octokit/c…
b1d2cf5 
…ore and lerna

Bumps [@octokit/request-error](https://github.com/octokit/request-error.js) to 6.1.7 and updates ancestor dependencies [@octokit/request-error](https://github.com/octokit/request-error.js), [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github), [@octokit/core](https://github.com/octokit/core.js) and [lerna](https://github.com/lerna/lerna/tree/HEAD/packages/lerna). These dependencies need to be updated together.


Updates `@octokit/request-error` from 2.1.0 to 6.1.7
- [Release notes](https://github.com/octokit/request-error.js/releases)
- [Commits](octokit/request-error.js@v2.1.0...v6.1.7)

Updates `@actions/github` from 5.1.1 to 6.0.0
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

Updates `@octokit/core` from 4.2.4 to 6.1.4
- [Release notes](https://github.com/octokit/core.js/releases)
- [Commits](octokit/core.js@v4.2.4...v6.1.4)

Updates `lerna` from 5.5.4 to 8.1.9
- [Release notes](https://github.com/lerna/lerna/releases)
- [Changelog](https://github.com/lerna/lerna/blob/main/packages/lerna/CHANGELOG.md)
- [Commits](https://github.com/lerna/lerna/commits/v8.1.9/packages/lerna)

---
updated-dependencies:
- dependency-name: "@octokit/request-error"
  dependency-type: indirect
- dependency-name: "@actions/github"
  dependency-type: direct:production
- dependency-name: "@octokit/core"
  dependency-type: direct:development
- dependency-name: lerna
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from a team as a code owner February 14, 2025 23:30
@dependabot dependabot Bot requested a review from jonifazo February 14, 2025 23:30
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Feb 14, 2025
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Apr 15, 2025

OK, I won't notify you again about this release, but will get in touch when a new version is available. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/multi-fe332d26c1 branch April 15, 2025 15:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jonifazo jonifazo Awaiting requested review from jonifazo jonifazo is a code owner automatically assigned from forcedotcom/ide-experience

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@daphne-sfdc