Bump octokit plugin-paginate-rest to address ReDoS vulnerability

Open • mislav opened this issue 10 months ago • 1 comment

Fixes https://github.com/actions/toolkit/issues/1960

Ref. https://github.com/advisories/GHSA-h5c3-5r3r-rr8q

Note that npm audit will still show the updated version as vulnerable, even though it is patched: https://github.com/npm/cli/issues/8125. Hopefully Dependabot figures it out.

mislav, Mar 04 '25 17:03

I have pushed a change that additionally bumps @octokit/plugin-rest-endpoint-methods to address the tsc failure. https://github.com/actions/toolkit/actions/runs/13659205450/job/38226562748

mislav, Mar 07 '25 11:03

https://github.com/actions/toolkit/pull/2043

mislav, May 26 '25 09:05