[Snyk] Upgrade @octokit/plugin-paginate-rest from 9.0.0 to 11.4.3

[nerdy-tech-com-gitub]

Snyk has created this PR to upgrade @octokit/plugin-paginate-rest from 9.0.0 to 11.4.3.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

⚠️ Warning: This PR contains major version upgrade(s), and may be a breaking change.

• The recommended version is 31 versions ahead of your current version.

• The recommended version was released 22 days ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Insecure Randomness SNYK-JS-UNDICI-8641354	89	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-OCTOKITPLUGINPAGINATEREST-8730855	89	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-OCTOKITREQUESTERROR-8730854	89	Proof of Concept
	Information Exposure SNYK-JS-UNDICI-5962466	89	No Known Exploit
	Permissive Cross-domain Policy with Untrusted Domains SNYK-JS-UNDICI-6252336	89	No Known Exploit
	Improper Access Control SNYK-JS-UNDICI-6564963	89	No Known Exploit
	Improper Authorization SNYK-JS-UNDICI-6564964	89	No Known Exploit

Release notes

Package name: @octokit/plugin-paginate-rest

• 11.4.3 - 2025-02-24
  

  11.4.3 (2025-02-24)

  Bug Fixes

  • types: correct pagination return type for data which is an array (#662) (9a51aad), closes #661
• 11.4.2 - 2025-02-13
  

  11.4.2 (2025-02-13)

  Bug Fixes

  • types: add back the pagination keys (#653) (8b8c500), closes #652
• 11.4.1 - 2025-02-13
  

  11.4.1 (2025-02-13)

  Bug Fixes

  • mitigate ReDos issues & linting issues (#659) (7d1fade), fixes #657
• 11.4.0 - 2025-01-08
  

  11.4.0 (2025-01-08)

  Features

  • new action runner groups endpoints, new code scanning alerts autofix endpoints, new sub-issues endpoints, new private registries enpoints, new code security endpoints, various description updates (#646) (a73883f)
• 11.3.6 - 2024-11-26
  

  11.3.6 (2024-11-26)

  Bug Fixes

  • types: bump @ octokit/types to improve Deno compatibility (#642) (acb6a6e)
• 11.3.5 - 2024-09-29
  

  11.3.5 (2024-09-29)

  Bug Fixes

  • types: improve type extraction for namespaced responses and correct async iterator types (#637) (e95444d)
• 11.3.4 - 2024-09-27
  

  11.3.4 (2024-09-27)

  Bug Fixes

  • deps: bump @ octokit/types (#636) (b2dc51c)
• 11.3.3 - 2024-07-01
  

  11.3.3 (2024-07-01)

  This is the same release as v11.3.0

  Bug Fixes

  • empty commit to trigger release (#623) (36b40b3), closes #622
• 11.3.1 - 2024-05-02
• 11.3.0 - 2024-04-29
• 11.2.0 - 2024-04-22
• 11.1.1 - 2024-04-16
• 11.1.0 - 2024-04-11
• 11.0.1 - 2024-04-09
• 11.0.0 - 2024-04-06
• 10.1.0 - 2024-04-04
• 10.0.0 - 2024-03-04
• 10.0.0-beta.4 - 2024-03-01
• 10.0.0-beta.3 - 2024-02-27
• 10.0.0-beta.2 - 2024-02-27
• 10.0.0-beta.1 - 2024-02-25
• 9.3.0-beta.1 - 2024-02-25
• 9.2.2 - 2025-02-15
  

  9.2.2 (2025-02-15)

  Bug Fixes

  • ReDos regex vulnerability, reported by @ dayshift (#660) (e1e4489)
• 9.2.1 - 2024-03-01
• 9.2.0 - 2024-02-22
• 9.1.5 - 2023-12-04
• 9.1.4 - 2023-11-12
• 9.1.3 - 2023-11-09
• 9.1.2 - 2023-10-26
• 9.1.1 - 2023-10-25
• 9.1.0 - 2023-10-24
• 9.0.0 - 2023-09-23

from @octokit/plugin-paginate-rest GitHub release notes

---

Important

• Warning: This PR contains a major version upgrade, and may be a breaking change.
• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Summary by Sourcery

Upgrade @octokit/plugin-paginate-rest from 9.0.0 to 11.4.3 to address multiple vulnerabilities, including Regular Expression Denial of Service (ReDoS) and Insecure Randomness.

Bug Fixes:

• Fixes Regular Expression Denial of Service (ReDoS) vulnerability.
• Fixes Insecure Randomness vulnerability.

Enhancements:

• Includes new action runner groups endpoints, new code scanning alerts autofix endpoints, new sub-issues endpoints, new private registries enpoints, new code security endpoints, various description updates.

[sourcery-ai]

Reviewer's Guide by Sourcery

This pull request upgrades the @octokit/plugin-paginate-rest dependency from version 9.0.0 to 11.4.3. This upgrade includes several bug fixes and new features, as well as mitigations for ReDoS vulnerabilities.

Updated class diagram for @octokit/plugin-paginate-rest

classDiagram
  class OctokitPluginPaginateRest {
    <<interface>>
    +paginate(response: any, iterator: function): AsyncIterableIterator
  }
  note for OctokitPluginPaginateRest "This class provides a paginate method for iterating over paginated API responses from Octokit"

Loading

File-Level Changes

Change	Details	Files
The pull request upgrades the @octokit/plugin-paginate-rest dependency to the latest version.	Updated @octokit/plugin-paginate-rest from version 9.0.0 to 11.4.3.	packages/github/package.json

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!
• Generate a plan of action for an issue: Comment @sourcery-ai plan on
  an issue to generate a plan of action for it.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

We have skipped reviewing this pull request. Here's why:

• It seems to have been created by a bot ('[Snyk]' found in title). We assume it knows what it's doing!
• We don't review packaging changes - Let us know if you'd like us to change this.