Skip to content

Commit

Permalink
Bump octokit plugin-paginate-rest to address ReDoS vulnerability
Browse files Browse the repository at this point in the history 
GHSA-h5c3-5r3r-rr8q

Note that `npm audit` will still show the updated version as vulnerable, even
though it is patched. npm/cli#8125
  • Loading branch information
@mislav
mislav committed Mar 7, 2025
1 parent dc22dc7 commit b68cdad
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 36 deletions.
72 changes: 38 additions & 34 deletions packages/github/package-lock.json
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions packages/github/package.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,8 +40,8 @@
"dependencies": {
"@actions/http-client": "^2.2.0",
"@octokit/core": "^5.0.1",
"@octokit/plugin-paginate-rest": "^9.0.0",
"@octokit/plugin-rest-endpoint-methods": "^10.0.0",
"@octokit/plugin-paginate-rest": "^9.2.2",
"@octokit/plugin-rest-endpoint-methods": "^10.4.1",
"undici": "^5.28.5"
},
"devDependencies": {
Expand Down

0 comments on commit b68cdad

Please sign in to comment.