Skip to content

[SUPPORT]: Trouble upgrading Octokit with dependabot #681

New issue
New issue
Closed
Closed
[SUPPORT]: Trouble upgrading Octokit with dependabot#681
Labels
Type: SupportAny questions, information, or general needs around the SDK or GitHub APIs
@Van-Romel

Description

@Van-Romel
Van-Romel
opened on May 22, 2025

What happened?

The reported CVE is blocking the Dependabot upgrade.

Versions

"@octokit/core": "^7.0.2",
"@octokit/rest": "^21.1.1",
"@octokit/request": "^10.0.0",
"@octokit/request-error": "^7.0.0",
"@octokit/plugin-paginate-rest": "^13.0.0",

Relevant log output

Dependabot cannot update @octokit/plugin-paginate-rest to a non-vulnerable version
The latest possible version that can be installed is 2.21.3 because of the following conflicting dependencies:

> @octokit/[email protected] requires @octokit/plugin-paginate-rest@^11.4.2
> @probot/[email protected] requires @octokit/plugin-paginate-rest@^2.6.2 via [email protected]
> [email protected] requires @octokit/[email protected]
> No patched version available for @octokit/plugin-paginate-rest

The earliest fixed version is 9.2.2.

Code of Conduct

  • I agree to follow this project's Code of Conduct

Metadata

Metadata

Assignees

No one assigned

    Labels

    Type: SupportAny questions, information, or general needs around the SDK or GitHub APIs

    Type

    No type

    Projects

    🧰 Octokit Active

    Status

    ✅ Done

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions