Skip to content

Bump @octokit/request and @actions/github#48

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-05e862fa66
Open

Bump @octokit/request and @actions/github#48
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/multi-05e862fa66

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 10, 2026

Copy link
Copy Markdown

Bumps @octokit/request to 10.0.11 and updates ancestor dependency @actions/github. These dependencies need to be updated together.

Updates @octokit/request from 5.4.10 to 10.0.11

Release notes

Sourced from @​octokit/request's releases.

v10.0.11

10.0.11 (2026-06-29)

Bug Fixes

  • handle primitive JSON error bodies without throwing (#820) (554e102), closes #819

v10.0.10

10.0.10 (2026-05-26)

Bug Fixes

  • remove unused fast-content-type-parse dependency (#808) (25b0838)

v10.0.9

10.0.9 (2026-05-12)

Bug Fixes

  • deps: switch to using the "content-type" package for content type parsing (#807) (a9f64a0)

v10.0.8

10.0.8 (2026-02-20)

Bug Fixes

  • use json-with-bigint instead of built-in JSON methods in order to properly support int64's (#798) (f13f5d9)

v10.0.7

10.0.7 (2025-11-13)

Bug Fixes

  • readme: properly structure the options for custom agent (#786) (f17c1c1), closes #785

v10.0.6

10.0.6 (2025-10-30)

Bug Fixes

  • deps: update dependency @​octokit/types to v16 (#783) (1aeac56)

v10.0.5

10.0.5 (2025-09-29)

... (truncated)

Commits
  • 554e102 fix: handle primitive JSON error bodies without throwing (#820)
  • 14cf144 build(deps-dev): bump undici from 7.24.0 to 7.28.0 (#813)
  • eccf620 chore(deps): update dependency esbuild to v0.28.1 [security] (#809)
  • 25b0838 fix: remove unused fast-content-type-parse dependency (#808)
  • b3d6b0b chore(deps): update dependency esbuild to ^0.28.0 (#804)
  • 7fdf739 ci(action): update actions/create-github-app-token action to v3 (#801)
  • 58b1f87 ci(action): update actions/add-to-project action to v2 (#806)
  • a9f64a0 fix(deps): switch to using the "content-type" package for content type parsin...
  • 4abc280 chore(deps): update dependency undici to v7.24.0 [security] (#800)
  • f13f5d9 fix: use json-with-bigint instead of built-in JSON methods in order to prop...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​octokit/request since your current version.


Updates @actions/github from 4.0.0 to 9.1.1

Changelog

Sourced from @​actions/github's changelog.

9.1.1

  • Bump undici from 6.23.0 to 6.24.0 #2346

9.1.0

  • Append actions_orchestration_id to user-agent when the ACTIONS_ORCHESTRATION_ID environment variable is set #2364

9.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()
    • Example: const { getOctokit, context } = await import('@actions/github')
  • Fix TypeScript compilation by migrating to ESM, enabling proper imports from @octokit/core/types

8.0.1

  • Update undici to 6.23.0
  • Update @actions/http-client to 3.0.2

8.0.0

  • Update @​octokit dependencies
    • @octokit/core ^7.0.6
    • @octokit/plugin-paginate-rest ^14.0.0
    • @octokit/plugin-rest-endpoint-methods ^17.0.0
    • @octokit/request ^10.0.7
    • @octokit/request-error ^7.1.0
  • Breaking change: Minimum Node.js version is now 20 (previously 18)

7.0.0

  • Update to v3.0.1 of @actions/http-client

6.0.1

  • Dependency updates #2043
  • Add context.runAttempt #1588

6.0.0

  • Support the latest Octokit in @​actions/github #1553
    • Drop support of NodeJS v14, v16

5.1.1

  • Export default octokit options #1188

5.1.0

  • Add additionalPlugins parameter to getOctokit method #1181
  • Dependency updates #1180

... (truncated)

Commits
Maintainer changes

This version was pushed to npm by GitHub Actions, a new releaser for @​actions/github since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [@octokit/request](https://github.com/octokit/request.js) to 10.0.11 and updates ancestor dependency [@actions/github](https://github.com/actions/toolkit/tree/HEAD/packages/github). These dependencies need to be updated together.


Updates `@octokit/request` from 5.4.10 to 10.0.11
- [Release notes](https://github.com/octokit/request.js/releases)
- [Commits](octokit/request.js@v5.4.10...v10.0.11)

Updates `@actions/github` from 4.0.0 to 9.1.1
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/github/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/github)

---
updated-dependencies:
- dependency-name: "@octokit/request"
  dependency-version: 10.0.11
  dependency-type: indirect
- dependency-name: "@actions/github"
  dependency-version: 9.1.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants