fix(lambda): bump the octokit group in /lambdas with 5 updates

[dependabot]

Bumps the octokit group in /lambdas with 5 updates:

Package	From	To
@octokit/auth-app	8.1.1	8.1.2
@octokit/core	7.0.5	7.0.6
@octokit/plugin-throttling	11.0.2	11.0.3
@octokit/rest	22.0.0	22.0.1
@octokit/types	13.10.0	16.0.0

Updates @octokit/auth-app from 8.1.1 to 8.1.2

Release notes

Sourced from @​octokit/auth-app's releases.

v8.1.2

8.1.2 (2025-10-31)

Bug Fixes

• deps: update dependency @​octokit/types to v16 (#731) (016958a)

Commits

• 016958a fix(deps): update dependency @​octokit/types to v16 (#731)
• 6290a83 ci(action): update peter-evans/create-or-update-comment action to v5 (#723)
• 767ba94 ci(action): update actions/setup-node action to v6 (#727)
• a6b03f2 ci(action): update github/codeql-action action to v4 (#726)
• f6eb9c8 chore(deps): update dependency node to v24 (#730)
• f50e21a ci(action): update actions/setup-node action to v5 (#718)
• 7f24cee build(deps): lock file maintenance (#719)
• See full diff in compare view

Updates @octokit/core from 7.0.5 to 7.0.6

Release notes

Sourced from @​octokit/core's releases.

v7.0.6

7.0.6 (2025-10-31)

Bug Fixes

• deps: update dependency @​octokit/types to v16 (#759) (951bd35)

Commits

• 951bd35 fix(deps): update dependency @​octokit/types to v16 (#759)
• 48961f8 ci(action): update peter-evans/create-or-update-comment action to v5 (#751)
• f65e546 ci(action): update github/codeql-action action to v4 (#753)
• c95a0d6 chore(deps): update dependency @​types/sinonjs__fake-timers to v15 (#756)
• e0fcb16 ci(action): update actions/setup-node action to v6 (#754)
• See full diff in compare view

Updates @octokit/plugin-throttling from 11.0.2 to 11.0.3

Release notes

Sourced from @​octokit/plugin-throttling's releases.

v11.0.3

11.0.3 (2025-10-31)

Bug Fixes

• deps: update dependency @​octokit/types to v16 (#811) (d87092d)

Commits

• c253528 chore(deps): update dependency node to v24 (#809)
• d87092d fix(deps): update dependency @​octokit/types to v16 (#811)
• e3de64b ci(action): update github/codeql-action action to v4 (#805)
• 0673f3e ci(action): update actions/setup-node action to v6 (#806)
• See full diff in compare view

Updates @octokit/rest from 22.0.0 to 22.0.1

Release notes

Sourced from @​octokit/rest's releases.

v22.0.1

22.0.1 (2025-10-31)

Bug Fixes

• deps: update octokit monorepo (major) (#538) (ded2f17)

Commits

• daa3ec9 ci(action): update actions/setup-node action to v6 (#534)
• 1dec0c7 ci(action): update peter-evans/create-or-update-comment action to v5 (#531)
• ded2f17 fix(deps): update octokit monorepo (major) (#538)
• 0e0eaea chore(deps): update dependency @​types/node to v24 (#537)
• c04acc8 chore(deps): update vitest monorepo to v4 (major) (#536)
• e6dd306 chore(deps): update dependency undici to v7 (#474)
• 5f380d0 build(deps-dev): Bump form-data from 4.0.2 to 4.0.4 in /docs (#520)
• dc6827d build(deps-dev): Bump tar-fs from 2.1.2 to 2.1.3 in /docs (#516)
• See full diff in compare view

Updates @octokit/types from 13.10.0 to 16.0.0

Release notes

Sourced from @​octokit/types's releases.

v16.0.0

16.0.0 (2025-10-30)

Features

• add immutable releases, enterprise team membership, enterprise team organization, custom runner images, many type additions and improvements (#693) (dc1ceeb)

BREAKING CHANGES

• Removed endpoints

v15.0.2

15.0.2 (2025-10-29)

Bug Fixes

• update generated file & update dependency node to v24 (#691) (f5f5743)

v15.0.1

15.0.1 (2025-10-20)

Bug Fixes

• reduce complexity (#687) (a0529c1)

v15.0.0

15.0.0 (2025-09-16)

Features

• new Projects v2 endpoints, new code scanning dismissal endpoints, many other endpoints (#683) (56ff680)

BREAKING CHANGES

• remove project card endpoints for classic projects

v14.1.0

14.1.0 (2025-05-25)

Features

• new GET /users/{username}/settings/billing/usage, POST /credentials/revoke endpoints, endpoint type updates, type performance fixes (#675) (a7ec830), closes #667 #666

... (truncated)

Commits

• dc1ceeb feat: add immutable releases, enterprise team membership, enterprise team org...
• f5f5743 fix: update generated file & update dependency node to v24 (#691)
• a0529c1 fix: reduce complexity (#687)
• 435bdcc ci(action): update peter-evans/create-or-update-comment action to v5 (#684)
• 52ffdca ci(action): update actions/setup-node action to v6 (#689)
• aaf87a2 ci(action): update github/codeql-action action to v4 (#688)
• db7d9bc chore(deps): update dependency semantic-release to v25 (#690)
• 56ff680 feat: new Projects v2 endpoints, new code scanning dismissal endpoints, many ...
• 7ef763e ci(action): update actions/checkout action to v5 (#679)
• 1ce7ba2 chore(deps): update dependency node to v22 (#677)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
npm/@octokit/auth-app	8.1.2	🟢 7.2	Details Check Score Reason Security-Policy 🟢 9 security policy file detected Maintained 🟢 7 8 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 7 Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/core	7.0.6	🟢 6.9	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 9 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 8 2 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/plugin-throttling	11.0.3	🟢 6.7	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Maintained 🟢 3 3 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3 Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 7 3 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/rest	22.0.1	🟢 5.9	Details Check Score Reason Maintained ⚠️ 2 0 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 19 existing vulnerabilities detected
npm/@octokit/types	^16.0.0	🟢 7.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Maintained 🟢 10 12 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 7 3 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/rest	22.0.1	🟢 5.9	Details Check Score Reason Maintained ⚠️ 2 0 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 19 existing vulnerabilities detected
npm/@octokit/rest	22.0.1	🟢 5.9	Details Check Score Reason Maintained ⚠️ 2 0 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 19 existing vulnerabilities detected
npm/@octokit/types	^16.0.0	🟢 7.3	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Maintained 🟢 10 12 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10 Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 7 3 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/auth-app	8.1.2	🟢 7.2	Details Check Score Reason Security-Policy 🟢 9 security policy file detected Maintained 🟢 7 8 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 7 Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/auth-oauth-app	9.0.3	🟢 7.1	Details Check Score Reason Security-Policy 🟢 9 security policy file detected Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Maintained 🟢 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits
npm/@octokit/auth-oauth-device	8.0.3	🟢 6.6	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Maintained 🟢 5 6 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/auth-oauth-user	6.0.2	🟢 7.2	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 9 security policy file detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Maintained 🟢 5 6 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Code-Review 🟢 10 all changesets reviewed CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/core	7.0.6	🟢 6.9	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 10 all changesets reviewed Maintained 🟢 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 9 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 8 2 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/endpoint	11.0.2	🟢 5.8	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review 🟢 8 Found 5/6 approved changesets -- score normalized to 8 Security-Policy 🟢 9 security policy file detected Maintained 🟢 3 3 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Packaging 🟢 10 packaging workflow detected Vulnerabilities ⚠️ 0 10 existing vulnerabilities detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/graphql	9.0.3	🟢 7	Details Check Score Reason Security-Policy 🟢 9 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 5 6 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/oauth-methods	6.0.2	🟢 5.8	Details Check Score Reason Maintained ⚠️ 1 1 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 1 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 10 all changesets reviewed Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Security-Policy ⚠️ 0 security policy file not detected Vulnerabilities 🟢 6 4 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits
npm/@octokit/plugin-paginate-rest	14.0.0	🟢 6.7	Details Check Score Reason Maintained 🟢 6 5 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 6 Code-Review 🟢 9 Found 10/11 approved changesets -- score normalized to 9 Security-Policy 🟢 9 security policy file detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 6 4 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/plugin-rest-endpoint-methods	17.0.0	🟢 7.4	Details Check Score Reason Maintained 🟢 10 11 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 10 Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 8 2 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/plugin-throttling	11.0.3	🟢 6.7	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Maintained 🟢 3 3 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3 Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 7 3 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/request	10.0.6	🟢 6.6	Details Check Score Reason Code-Review 🟢 8 Found 6/7 approved changesets -- score normalized to 8 Maintained 🟢 5 5 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 5 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy 🟢 9 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 7 3 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/request-error	7.0.2	🟢 6.8	Details Check Score Reason Code-Review 🟢 7 Found 3/4 approved changesets -- score normalized to 7 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 6 7 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 6 Security-Policy 🟢 9 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Vulnerabilities 🟢 9 1 existing vulnerabilities detected Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits
npm/@octokit/rest	22.0.1	🟢 5.9	Details Check Score Reason Maintained ⚠️ 2 0 commit(s) and 3 issue activity found in the last 90 days -- score normalized to 2 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 9 security policy file detected Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 0 19 existing vulnerabilities detected

Scanned Files

• lambdas/functions/control-plane/package.json
• lambdas/functions/gh-agent-syncer/package.json
• lambdas/functions/webhook/package.json
• lambdas/yarn.lock

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.