Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade @octokit/types from 8.0.0 to 8.2.1 #160

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

NOUIY
Copy link
Owner

@NOUIY NOUIY commented May 24, 2024

This PR was automatically created by Snyk using the credentials of a real user.


![snyk-top-banner](https://github.com/andygongea/OWASP-Benchmark/assets/818805/c518c423-16fe-447e-b67f-ad5a49b5d123)

Snyk has created this PR to upgrade @octokit/types from 8.0.0 to 8.2.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 4 versions ahead of your current version.

  • The recommended version was released on a year ago.

Release notes
Package name: @octokit/types
  • 8.2.1 - 2023-01-20

    8.2.1 (2023-01-20)

    Bug Fixes

    • revert "feat: many unreleased endpoint updates (#499)" (fcbd164)
  • 8.2.0 - 2023-01-20

    8.2.0 (2023-01-20)

    Features

  • 8.1.1 - 2023-01-13

    8.1.1 (2023-01-13)

    Reverts

  • 8.1.0 - 2023-01-11

    8.1.0 (2023-01-11)

    Features

  • 8.0.0 - 2022-10-12

    8.0.0 (2022-10-12)

    BREAKING CHANGES

    • @ octokit/types no longer include endpoint types for GHEC

    Features

    • feat: publish new GitHub Enterprise Cloud (GHEC) specific @ octokit/openapi-types-ghec package, plus lots of API changes (29539cf)
    • feat: add support for new "Get a Dependabot alert" API (GET /repos/{owner}/{repo}/dependabot/alerts/{alert_number})
    • feat: add support for new "Update a Dependabot alert" API (PATCH /repos/{owner}/{repo}/dependabot/alerts/{alert_number})
    • feat: add support for new "List Dependabot alerts for a repository" API (GET /repos/{owner}/{repo}/dependabot/alerts)
      • feat: add support for new "List organization secret" (GET /organizations/{org}/codespaces/secrets) Codespaces API
    • feat: add support for new "Get an organization public key" (GET /organizations/{org}/codespaces/secrets/public-key) Codespaces API
    • feat: add support for new "Get an organization secret" (GET /organizations/{org}/codespaces/secrets/{secret_name} ) Codespaces API
    • feat: adds support for new "Create or update an organization secret" (PUT /organizations/{org}/codespaces/secrets/{secret_name} ) Codespaces API
    • feat: add support for new "Delete an organization secret" (DELETE /organizations/{org}/codespaces/secrets/{secret_name}) Codespaces API
    • feat: add support for new "List selected repositories for an organization secret" (GET /organizations/{org}/codespaces/secrets/{secret_name}/repositories) Codespaces API
    • feat: add support for new "Set selected repositories for an organization secret" ( PUT /organizations/{org}/codespaces/secrets/{secret_name}/repositories) Codespaces API
    • feat: add support for new "Add selected repository to an organization secret" (PUT /organizations/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}) Codespaces API
    • feat: add support for new "Remove selected repository from an organization secret" (DELETE /organizations/{org}/codespaces/secrets/{secret_name}/repositories/{repository_id}) Codespaces API
    • feat: add support for resolution_comment attribute returned on secret scanning alerts
    • feat: add support for new scope attribute returned by the "Get a diff of the dependencies between commits" (GET /repos/{owner}/{repo}/dependency-graph/compare/{basehead}) API
    • deps: update @ octokit/openapi-types to v14 (#463) (7bf7e20)

    ### Fixes

    • fix: tweak documentation for repo starring related APIs (GET /repos/{owner}/{repo}/stargazers, GET /users/{username}/starred and GET /user/starred) to clarify what Accept header to send to get information about when stars were created
    • fix: tweak documentation for "Get community profile metrics" API (GET /repos/{owner}/{repo}/community/profile) to clarify that it only works with public repos which are not forks
    • fix: document the size attribute returned on repos across the API
    • fix: document that APIs can return 422 errors when an endpoint has been spammed with many requests
    • fix: document 301 status returned by labels-related APIs if the repo has been renamed or moved
    • fix: document 404 Not Found status returned by labels-related APIs
from @octokit/types GitHub release notes

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

Snyk has created this PR to upgrade @octokit/types from 8.0.0 to 8.2.1.

See this package in npm:
@octokit/types

See this project in Snyk:
https://app.snyk.io/org/nexuscompute/project/f16f8996-f9d0-44a7-9e3e-3c11497cb717?utm_source=github&utm_medium=referral&page=upgrade-pr
Copy link

guardrails bot commented May 24, 2024

⚠️ We detected 6 security issues in this pull request:

Vulnerable Libraries (6)
Severity Details
High pkg:npm/[email protected] (t) upgrade to: > 29.0.2
High pkg:npm/@pika/[email protected] (t) upgrade to: > 0.9.2
High pkg:npm/[email protected] (t) upgrade to: > 9.11.0
High pkg:npm/@pika/[email protected] (t) upgrade to: > 0.9.2
Critical pkg:npm/[email protected] (t) upgrade to: > 19.0.3
High pkg:npm/@octokit/[email protected] (t) upgrade to: > 3.0.3

More info on how to fix Vulnerable Libraries in JavaScript.


👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants