Tags: octokit/rest.js
fix(deps): bump Octokit dependencies to address ReDoS vulnerabilities, bump `devDependencies` (#487)

This aims to resolve #486 npm vulnerabilities with the 20.x branch

Should resolve:

- GHSA-2p57-rm9w-gvfp
- GHSA-3xgq-45jj-v275
- GHSA-67mh-4wv8-2f99
- GHSA-78xj-cgh5-2h22
- GHSA-952p-6rrq-rcjv
- GHSA-9qxr-qj54-h672
- GHSA-9wv6-86v2-598j
- GHSA-c2qf-rxjj-qqgw
- GHSA-c76h-2ccp-4975
- GHSA-c7qv-q95q-8v27
- GHSA-f5x3-32g6-xq36
- GHSA-grv7-fg5c-xmjg
- GHSA-h5c3-5r3r-rr8q
- GHSA-m4v8-wqvr-p9f7
- GHSA-m6fv-jmcg-4jfg
- GHSA-pxg6-pf52-xh8x
- GHSA-qwcr-r2fm-qrc7
- GHSA-rhx6-c78j-4q9w
- GHSA-rmvr-2pp2-xj38
- GHSA-xx4v-prfh-6cgc

----

<!-- Please describe the current behavior that you are modifying. -->

> 31 vulnerabilities (3 low, 18 moderate, 10 high)

<!-- Please describe the behavior or changes that are being added by this PR. -->

> 9 moderate severity vulnerabilities

**Important note**: the remaining reported 'moderate' vulnerabilities for `@octokit/request` and `@octokit/plugin-paginate-rest` for GHSA-h5c3-5r3r-rr8q and GHSA-rmvr-2pp2-xj38 are actually mitigated already; npm audit isn't taking the minor versions properly into account as:

- @octokit/plugin-paginate-rest is patched in `9.2.2` (applied)
- @octokit/request is patched in `8.4.1` (applied)

This is a reporting issue: npm/cli#8125

**Important note**: this PR reduces updates (reduces :() test coverage due to the same challenges discovered in #413 (comment)

- [x] Tests for the changes have been added (for bug fixes / features)
- [ ] Docs have been reviewed and added / updated if needed (for bug fixes / features)

<!-- If this introduces a breaking change make sure to note it here any what the impact might be -->

Please see our docs on [breaking changes](https://github.com/octokit/.github/blob/master/community/breaking_changes.md) to help!

- [ ] Yes
- [x] No

----

---------

Co-authored-by: wolfy1339 <webmaster@wolfy1339.com>

feat: new endpoints, bump Octokit deps to fix Deno (#477)

- Description updates
- New `/enterprises/{enterprise}/copilot/billing/seats`
- New `/enterprises/{enterprise}/settings/billing/cost-centers`
- New `/enterprises/{enterprise}/settings/billing/usage`
- New `/enterprises/{enterprise}/code-security/configurations/defaults`
- New `/enterprises/{enterprise}/code-security/configurations/{configuration_id}`
- New `/enterprises/{enterprise}/code-security/configurations/{configuration_id}/attach`
- New `/orgs/{org}/actions/runner-groups`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}/repositories`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}/repositories/{repository_id}`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}/runners`
- New `/orgs/{org}/actions/runner-groups/{runner_group_id}/runners/{runner_id}`
- New `/orgs/{org}/copilot/metrics`
- New `/orgs/{org}/insights/api/route-stats/{actor_type}/{actor_id}`
- New `/orgs/{org}/insights/api/subject-stats`
- New `/orgs/{org}/insights/api/summary-stats`
- New `/orgs/{org}/insights/api/summary-stats/users/{user_id}`
- New `/orgs/{org}/insights/api/summary-stats/{actor_type}/{actor_id}`
- New `/orgs/{org}/insights/api/time-stats`
- New `/orgs/{org}/insights/api/time-stats/users/{user_id}`
- New `/orgs/{org}/insights/api/time-stats/{actor_type}/{actor_id}`
- New `/orgs/{org}/insights/api/user-stats/{user_id}`
- New `/orgs/{org}/private-registries`
- New `/orgs/{org}/private-registries/public-key`
- New `/orgs/{org}/private-registries/{secret_name}`
- New `/orgs/{org}/team/{team_slug}/copilot/metrics`
- New `/orgs/{org}/team/{team_slug}/copilot/usage`
- **Deprecate `/orgs/{org}/{security_product}/{enablement}`**
- New `/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix`
- New `/repos/{owner}/{repo}/code-scanning/alerts/{alert_number}/autofix/commits`
- New `/repos/{owner}/{repo}/code-security-configuration`
- Add discriminators for various properties
- New `/repos/{owner}/{repo}/issues/{issue_number}/sub_issues`
- New `/repos/{owner}/{repo}/issues/{issue_number}/sub_issues/priority`
- New `/repos/{owner}/{repo}/secret-scanning/push-protection-bypasses`
- New `/repos/{owner}/{repo}/secret-scanning/scan-history`