fix: strf-8574, bump version of "github" package to fix security issues

Node-github was renamed to @octokit/rest
bigcommerce · Aug 3, 2020 · 1013e3a · 1013e3a
1 parent 9e30b99
commit 1013e3a
Show file tree

Hide file tree

Showing 3 changed files with 276 additions and 175 deletions.
diff --git a/lib/release/release.js b/lib/release/release.js
@@ -8,7 +8,7 @@ const themePath = process.cwd();
 const git = require('simple-git')(themePath);
 const themeConfig = require('../theme-config').getInstance(themePath);
 const questions = require('./questions');
-const GitHub = require('github');
+const { Octokit } = require('@octokit/rest');
 const Bundle = require('../stencil-bundle');
 
 module.exports = () => {
@@ -128,19 +128,19 @@ function createGithubRelease(commit, version, changelog, remote, bundlePath, cal
     github.repos.createRelease(releaseParams)
         .then(release => {
             const uploadParams = {
-                id: release.id,
+                release_id: release.data.id,
                 owner: remote.owner,
                 repo: remote.repo,
-                filePath: bundlePath,
+                data: bundlePath,
                 name: `${themeConfig.getName()}-${version}.zip`,
             };
 
             console.log('Uploading Bundle File...');
 
-            github.repos.uploadAsset(uploadParams)
+            github.repos.uploadReleaseAsset(uploadParams)
                 .then(asset => {
-                    console.log(`Release url: ${release.html_url.green}`);
-                    console.log(`Bundle download url: ${asset.browser_download_url.green}`);
+                    console.log(`Release url: ${release.data.html_url.green}`);
+                    console.log(`Bundle download url: ${asset.data.browser_download_url.green}`);
 
                     callback();
                 })
@@ -260,14 +260,9 @@ function printWarning(message) {
 }
 
 function getGithubClient() {
-    const github = new GitHub();
-
-    github.authenticate({
-        type: 'oauth',
-        token: getGithubToken(),
+    return new Octokit({
+        auth: getGithubToken(),
     });
-
-    return github;
 }
 
 function isReleaseCandidate(version) {