build(deps): bump @octokit/request-error and @octokit/rest

[dependabot]

Bumps @octokit/request-error to 6.1.7 and updates ancestor dependency @octokit/rest. These dependencies need to be updated together.

Updates @octokit/request-error from 3.0.3 to 6.1.7

Release notes

Sourced from @​octokit/request-error's releases.

v6.1.7

6.1.7 (2025-02-13)

Bug Fixes

• ReDos regex vulnerability, reported by @​DayShift (d558320874a4bc8d356babf1079e6f0056a59b9e)

v6.1.6

6.1.6 (2024-12-29)

Bug Fixes

• deps: bump @octokit/types to fix Deno compat (#483) (e01d470)

v6.1.5

6.1.5 (2024-09-24)

Bug Fixes

• types: add explicit | undefined to optional fields (#462) (43fc3bd)

v6.1.4

6.1.4 (2024-07-11)

Bug Fixes

• improve perf of request error instantiations (#444) (ba04ffa)

v6.1.3

6.1.3 (2024-07-11)

Bug Fixes

• docs: correct title in README (#443) (e24d923)

v6.1.2

6.1.2 (2024-07-10)

Bug Fixes

• ensure statusCode is always an integer (#439) (6eb8634)

v6.1.1

6.1.1 (2024-04-16)

... (truncated)

Commits

• c346f5c fix: linting issues (#494)
• d558320 Merge commit from fork
• 5046116 chore(deps): update dependency esbuild to ^0.25.0 (#491)
• 50513ba build(deps): lock file maintenance (#490)
• bd5e83f build(deps): lock file maintenance (#488)
• d204ea3 build(deps): lock file maintenance (#486)
• ab1585a chore(deps): update vitest monorepo to v3 (major) (#487)
• 03a7e12 build(deps): lock file maintenance (#485)
• cb4feec build(deps): lock file maintenance (#484)
• e01d470 fix(deps): bump @octokit/types to fix Deno compat (#483)
• Additional commits viewable in compare view

Updates @octokit/rest from 19.0.13 to 21.1.1

Release notes

Sourced from @​octokit/rest's releases.

v21.1.1

21.1.1 (2025-02-14)

Bug Fixes

• deps: update Octokit dependencies to mitigate ReDos [security] (#484) (ca256c3)

v21.1.0

21.1.0 (2025-01-08)

Features

• new endpoints, bump Octokit deps to fix Deno (#477) (908b1c8)

v21.0.2

21.0.2 (2024-08-16)

Bug Fixes

• docs: update to react 18 and latest gatsby deps (#462) (9a80f06), closes #216 #230 #460

v21.0.1

21.0.1 (2024-07-17)

Bug Fixes

• update deps (#456) (93d5afb)

v21.0.0

21.0.0 (2024-06-20)

Features

• v21 (#413) (12b6c65)

BREAKING CHANGES

• package is now ESM

v21.0.0-beta.4

21.0.0-beta.4 (2024-06-19)

Bug Fixes

... (truncated)

Commits

• ca256c3 fix(deps): update Octokit dependencies to mitigate ReDos [security] (#484)
• e791111 chore(deps): update dependency esbuild to ^0.25.0 (#483)
• facaa50 build(deps-dev): Bump vitest and @​vitest/coverage-v8 (#481)
• 8a0c472 chore(deps): update dependency undici to v6.21.1 [security] (#480)
• 4abc914 chore(deps): update vitest monorepo to v3 (major) (#478)
• 908b1c8 feat: new endpoints, bump Octokit deps to fix Deno (#477)
• 751b522 chore(deps): update dependency fetch-mock to v12 (#470)
• 5ad12fd chore(deps): update dependency @​types/node to v22 (#472)
• c88980a ci(action): update actions/checkout digest to 11bd719 (#469)
• 94443df ci(action): update actions/checkout digest to eef6144 (#467)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[ibcheckmarx]

Checkmarx One – Scan Summary & Details – 4454f80f-7cec-4d42-9555-74761f2377ee

New Issues (11)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2021-3807	Npm-ansi-regex-2.1.1	details Recommended version: 3.0.1 Description: The package ansi-regex versions 3.x prior to 3.0.1, 4.x prior to 4.1.1, 5.x prior to 5.0.1 and 6.0.x prior to 6.0.1 is vulnerable to Inefficient Re... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
	CVE-2024-21538	Npm-cross-spawn-7.0.3	details Recommended version: 7.0.5 Description: Versions of the package cross-spawn prior to 6.0.6 and 7.x prior to 7.0.5 are vulnerable to Regular Expression Denial of Service (ReDoS), due to im... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
	CVE-2024-4068	Npm-braces-3.0.2	details Recommended version: 3.0.3 Description: The NPM package "braces", versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
	Cxdca8e59f-8bfe	Npm-inflight-1.0.6	details Description: In NPM `inflight` there is a Memory Leak because some resources are not freed correctly after being used. It appears to affect all versions, as the... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
	CVE-2024-24758	Npm-undici-5.28.2	details Recommended version: 5.28.5 Description: Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici already cleared Authorization headers on cross-origin redirects, but did not... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
	CVE-2024-30260	Npm-undici-5.28.2	details Recommended version: 5.28.5 Description: Undici is an HTTP/1.1 client, written from scratch for Node.js. Undici cleared Authorization and Proxy-Authorization headers for `fetch()`, but did... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
	CVE-2024-4067	Npm-micromatch-4.0.5	details Recommended version: 4.0.8 Description: The NPM package "micromatch" prior to 4.0.8 is vulnerable to Regular Expression Denial of Service (ReDoS). The vulnerability occurs in "micromatch.... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
	CVE-2025-22150	Npm-undici-5.28.2	details Recommended version: 5.28.5 Description: Undici is an HTTP/1.1 client. In affected versions, undici uses `Math.random()` to choose the boundary for a multipart/form-data request. It is kno... Attack Vector: NETWORK Attack Complexity: HIGH Vulnerable Package
	CVE-2024-30261	Npm-undici-5.28.2	details Recommended version: 5.28.5 Description: Undici is an HTTP/1.1 client, written from scratch for Node.js. An attacker can alter the 'integrity' option passed to 'fetch()', allowing 'fetch()... Attack Vector: NETWORK Attack Complexity: LOW Vulnerable Package
	Cx8bc4df28-fcf5	Npm-debug-4.3.4	details Recommended version: 4.4.0 Description: In NPM "debug" versions prior to 4.4.0, the "enable" function accepts a regular expression from user input without escaping it. Arbitrary regular e... Attack Vector: NETWORK Attack Complexity: HIGH Vulnerable Package
	Cx8bc4df28-fcf5	Npm-debug-3.2.7	details Recommended version: 4.4.0 Description: In NPM "debug" versions prior to 4.4.0, the "enable" function accepts a regular expression from user input without escaping it. Arbitrary regular e... Attack Vector: NETWORK Attack Complexity: HIGH Vulnerable Package