From 6bda5bc1410576b9a0879ce6076d53345485bba9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 13 Mar 2026 15:33:03 -0700
Subject: [PATCH] fix(deps): bump the production-dependencies group with 4
updates (#336)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps the production-dependencies group with 4 updates:
[@octokit/auth-app](https://github.com/octokit/auth-app.js),
[@octokit/request](https://github.com/octokit/request.js),
[p-retry](https://github.com/sindresorhus/p-retry) and
[undici](https://github.com/nodejs/undici).
Updates `@octokit/auth-app` from 8.1.2 to 8.2.0
Release notes
Sourced from @octokit/auth-app's
releases.
v8.2.0
8.2.0
(2026-02-03)
Features
- handling exp is too far in the future (#699)
(6201580)
- Add enterprise installation route to JWT-authenticated routes (#736)
(5b218af)
Commits
6201580
feat: handling exp is too far in the future (#699)5b218af
Add enterprise installation route to JWT-authenticated routes (#736)4486c10
build(deps-dev): bump vite from 7.1.7 to 7.1.11 (#728)e1fecc4
build(deps): bump glob from 10.4.5 to 10.5.0 (#733)- See full diff in compare
view
Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub
Actions), a new releaser for @octokit/auth-app since your
current version.
Updates `@octokit/request` from 10.0.7 to 10.0.8
Release notes
Sourced from @octokit/request's
releases.
v10.0.8
10.0.8
(2026-02-20)
Bug Fixes
- use
json-with-bigint instead of built-in JSON methods
in order to properly support int64's (#798)
(f13f5d9)
Commits
f13f5d9
fix: use json-with-bigint instead of built-in JSON methods
in order to prop...9ba6ae0
Document that unsuccessful HTTP status code result in an exception (#795)7160b82
chore(deps): replace glob with tinyglobby (#791)ab8018b
ci(action): update peter-evans/create-or-update-comment action to v5 (#776)fb916e4
build(deps): bump vite from 6.3.4 to 6.4.1 (#780)e1eb769
chore(deps): update dependency esbuild to ^0.27.0 (#784)- See full diff in compare
view
Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub
Actions), a new releaser for @octokit/request since your
current version.
Updates `p-retry` from 7.1.0 to 7.1.1
Release notes
Sourced from p-retry's
releases.
v7.1.1
- Fix delayed abort when signal is already aborted before delay phase
2aba573
https://github.com/sindresorhus/p-retry/compare/v7.1.0...v7.1.1
Commits
Updates `undici` from 7.16.0 to 7.22.0
Release notes
Sourced from undici's
releases.
v7.22.0
What's Changed
New Contributors
Full Changelog: https://github.com/nodejs/undici/compare/v7.21.0...v7.22.0
v7.21.0
What's Changed
New Contributors
Full Changelog: https://github.com/nodejs/undici/compare/v7.20.0...v7.21.0
v7.20.0
What's Changed
New Contributors
Full Changelog: https://github.com/nodejs/undici/compare/v7.19.2...v7.20.0
v7.19.2
What's Changed
... (truncated)
Commits
0a23610
Bumped v7.22.0 (#4829)f3c5c61
feat: Support async cache stores in revalidation (#4826)9b78a44
fix(deduplicate): avoid deduping methods not in methods option (#4818)0ce57ba
build(deps-dev): bump esbuild from 0.25.12 to 0.27.3 (#4821)2453caf
fix: route websocket upgrades through new handler API (#4787)4658cdf
feat(dispatcher/env-http-proxy-agent): strip leading dot and asterisk
(#4676)a821c56
fix: use OR operator in includesCredentials per WHATWG URL Standard (#4816)b3326b5
docs: fix syntax highlighting in WebSocket.md (#4814)393c0da
Bumped v7.21.0 (#4813)47f9b96
fix: set finalizer only for fetch responses (#4803)- Additional commits viewable in compare
view
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore ` will
remove the ignore condition of the specified dependency and ignore
conditions
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Parker Brown <17183625+parkerbxyz@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---
package-lock.json | 47 +++++++++++++++++++++++++++--------------------
package.json | 8 ++++----
2 files changed, 31 insertions(+), 24 deletions(-)
diff --git a/package-lock.json b/package-lock.json
index c46d867..a221336 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -10,10 +10,10 @@
"license": "MIT",
"dependencies": {
"@actions/core": "^3.0.0",
- "@octokit/auth-app": "^8.1.2",
- "@octokit/request": "^10.0.3",
- "p-retry": "^7.1.0",
- "undici": "^7.18.2"
+ "@octokit/auth-app": "^8.2.0",
+ "@octokit/request": "^10.0.8",
+ "p-retry": "^7.1.1",
+ "undici": "^7.24.1"
},
"devDependencies": {
"@octokit/openapi": "^21.0.0",
@@ -690,9 +690,9 @@
}
},
"node_modules/@octokit/auth-app": {
- "version": "8.1.2",
- "resolved": "https://registry.npmjs.org/@octokit/auth-app/-/auth-app-8.1.2.tgz",
- "integrity": "sha512-db8VO0PqXxfzI6GdjtgEFHY9tzqUql5xMFXYA12juq8TeTgPAuiiP3zid4h50lwlIP457p5+56PnJOgd2GGBuw==",
+ "version": "8.2.0",
+ "resolved": "https://registry.npmjs.org/@octokit/auth-app/-/auth-app-8.2.0.tgz",
+ "integrity": "sha512-vVjdtQQwomrZ4V46B9LaCsxsySxGoHsyw6IYBov/TqJVROrlYdyNgw5q6tQbB7KZt53v1l1W53RiqTvpzL907g==",
"license": "MIT",
"dependencies": {
"@octokit/auth-oauth-app": "^9.0.3",
@@ -756,9 +756,9 @@
}
},
"node_modules/@octokit/endpoint": {
- "version": "11.0.2",
- "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-11.0.2.tgz",
- "integrity": "sha512-4zCpzP1fWc7QlqunZ5bSEjxc6yLAlRTnDwKtgXfcI/FxxGoqedDG8V2+xJ60bV2kODqcGB+nATdtap/XYq2NZQ==",
+ "version": "11.0.3",
+ "resolved": "https://registry.npmjs.org/@octokit/endpoint/-/endpoint-11.0.3.tgz",
+ "integrity": "sha512-FWFlNxghg4HrXkD3ifYbS/IdL/mDHjh9QcsNyhQjN8dplUoZbejsdpmuqdA76nxj2xoWPs7p8uX2SNr9rYu0Ag==",
"license": "MIT",
"dependencies": {
"@octokit/types": "^16.0.0",
@@ -809,15 +809,16 @@
"license": "MIT"
},
"node_modules/@octokit/request": {
- "version": "10.0.7",
- "resolved": "https://registry.npmjs.org/@octokit/request/-/request-10.0.7.tgz",
- "integrity": "sha512-v93h0i1yu4idj8qFPZwjehoJx4j3Ntn+JhXsdJrG9pYaX6j/XRz2RmasMUHtNgQD39nrv/VwTWSqK0RNXR8upA==",
+ "version": "10.0.8",
+ "resolved": "https://registry.npmjs.org/@octokit/request/-/request-10.0.8.tgz",
+ "integrity": "sha512-SJZNwY9pur9Agf7l87ywFi14W+Hd9Jg6Ifivsd33+/bGUQIjNujdFiXII2/qSlN2ybqUHfp5xpekMEjIBTjlSw==",
"license": "MIT",
"dependencies": {
- "@octokit/endpoint": "^11.0.2",
+ "@octokit/endpoint": "^11.0.3",
"@octokit/request-error": "^7.0.2",
"@octokit/types": "^16.0.0",
"fast-content-type-parse": "^3.0.0",
+ "json-with-bigint": "^3.5.3",
"universal-user-agent": "^7.0.2"
},
"engines": {
@@ -2430,6 +2431,12 @@
"js-yaml": "bin/js-yaml.js"
}
},
+ "node_modules/json-with-bigint": {
+ "version": "3.5.7",
+ "resolved": "https://registry.npmjs.org/json-with-bigint/-/json-with-bigint-3.5.7.tgz",
+ "integrity": "sha512-7ei3MdAI5+fJPVnKlW77TKNKwQ5ppSzWvhPuSuINT/GYW9ZOC1eRKOuhV9yHG5aEsUPj9BBx5JIekkmoLHxZOw==",
+ "license": "MIT"
+ },
"node_modules/load-json-file": {
"version": "7.0.1",
"resolved": "https://registry.npmjs.org/load-json-file/-/load-json-file-7.0.1.tgz",
@@ -2794,9 +2801,9 @@
}
},
"node_modules/p-retry": {
- "version": "7.1.0",
- "resolved": "https://registry.npmjs.org/p-retry/-/p-retry-7.1.0.tgz",
- "integrity": "sha512-xL4PiFRQa/f9L9ZvR4/gUCRNus4N8YX80ku8kv9Jqz+ZokkiZLM0bcvX0gm1F3PDi9SPRsww1BDsTWgE6Y1GLQ==",
+ "version": "7.1.1",
+ "resolved": "https://registry.npmjs.org/p-retry/-/p-retry-7.1.1.tgz",
+ "integrity": "sha512-J5ApzjyRkkf601HpEeykoiCvzHQjWxPAHhyjFcEUP2SWq0+35NKh8TLhpLw+Dkq5TZBFvUM6UigdE9hIVYTl5w==",
"license": "MIT",
"dependencies": {
"is-network-error": "^1.1.0"
@@ -3559,9 +3566,9 @@
}
},
"node_modules/undici": {
- "version": "7.18.2",
- "resolved": "https://registry.npmjs.org/undici/-/undici-7.18.2.tgz",
- "integrity": "sha512-y+8YjDFzWdQlSE9N5nzKMT3g4a5UBX1HKowfdXh0uvAnTaqqwqB92Jt4UXBAeKekDs5IaDKyJFR4X1gYVCgXcw==",
+ "version": "7.24.1",
+ "resolved": "https://registry.npmjs.org/undici/-/undici-7.24.1.tgz",
+ "integrity": "sha512-5xoBibbmnjlcR3jdqtY2Lnx7WbrD/tHlT01TmvqZUFVc9Q1w4+j5hbnapTqbcXITMH1ovjq/W7BkqBilHiVAaA==",
"license": "MIT",
"engines": {
"node": ">=20.18.1"
diff --git a/package.json b/package.json
index 079da38..fb81ffb 100644
--- a/package.json
+++ b/package.json
@@ -17,10 +17,10 @@
"license": "MIT",
"dependencies": {
"@actions/core": "^3.0.0",
- "@octokit/auth-app": "^8.1.2",
- "@octokit/request": "^10.0.3",
- "p-retry": "^7.1.0",
- "undici": "^7.18.2"
+ "@octokit/auth-app": "^8.2.0",
+ "@octokit/request": "^10.0.8",
+ "p-retry": "^7.1.1",
+ "undici": "^7.24.1"
},
"devDependencies": {
"@octokit/openapi": "^21.0.0",