[Snyk] Upgrade @octokit/webhooks from 7.18.1 to 10.0.9

[snyk-bot]

Snyk has created this PR to upgrade @octokit/webhooks from 7.18.1 to 10.0.9.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

Warning: This is a major version upgrade, and may be a breaking change.

• The recommended version is 102 versions ahead of your current version.
• The recommended version was released a month ago, on 2022-07-21.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Prototype Pollution SNYK-JS-Y18N-1021887	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-2407770	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-TRIMNEWLINES-1298042	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TMPL-1583443	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Arbitrary File Write SNYK-JS-TAR-1579155	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579152	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Write SNYK-JS-TAR-1579147	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536531	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Arbitrary File Overwrite SNYK-JS-TAR-1536528	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SSRI-1246392	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Privilege Management SNYK-JS-SHELLJS-2332187	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1585624	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1584358	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-NORMALIZEURL-1296539	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-LODASHSET-1320032	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Command Injection SNYK-JS-LODASH-1040724	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-JSONSCHEMA-1920922	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-INI-1048974	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Remote Code Execution (RCE) SNYK-JS-HANDLEBARS-1056767	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-ANSIREGEX-1583908	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-WS-1296835	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090602	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090601	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090600	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-VALIDATOR-1090599	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass Through User-Controlled Key SNYK-JS-URLPARSE-2412697	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Authorization Bypass SNYK-JS-URLPARSE-2407759	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Access Restriction Bypass SNYK-JS-URLPARSE-2401205	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Open Redirect SNYK-JS-URLPARSE-1533425	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Improper Input Validation SNYK-JS-URLPARSE-1078283	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-UGLIFYJS-1727251	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TRIMOFFNEWLINES-1296850	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-2824151	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVERREGEX-1047770	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PROMPTS-1729737	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-PATHPARSE-1077067	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Denial of Service (DoS) SNYK-JS-NWSAPI-2841516	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Command Injection SNYK-JS-NODENOTIFIER-1035794	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Information Exposure SNYK-JS-NODEFETCH-2342118	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-LODASH-1018905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Reverse Tabnabbing SNYK-JS-ISTANBULREPORTS-2328088	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-IOREDIS-1567196	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-HOSTEDGITINFO-1088355	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Prototype Pollution SNYK-JS-HANDLEBARS-1279029	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-GLOBPARENT-1016905	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Information Exposure SNYK-JS-EVENTSOURCE-2823375	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept
	Regular Expression Denial of Service (ReDoS) SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Regular Expression Denial of Service (ReDoS) SNYK-JS-TAR-1536758	472/1000 Why? Proof of Concept exploit, CVSS 7.3	No Known Exploit
	Prototype Pollution SNYK-JS-MINIMIST-2429795	472/1000 Why? Proof of Concept exploit, CVSS 7.3	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Release notes

Package name: @octokit/webhooks

• 10.0.9 - 2022-07-21
  

  10.0.9 (2022-07-21)

  Bug Fixes

  • types: remove 'email' format for 'email' property in committer.schema.json from @ octokit/webhooks-types v6.2.4 (#715) (112dcdc)
• 10.0.8 - 2022-07-14
  

  10.0.8 (2022-07-14)

  Bug Fixes

  • types: description updates for the check_suite event (#713) (7ee43e5)
• 10.0.7 - 2022-07-08
  

  10.0.7 (2022-07-08)

  Bug Fixes

  • deps: update dependency @ octokit/request-error to v3 (#706) (459bf92)
• 10.0.6 - 2022-07-07
  

  10.0.6 (2022-07-07)

  Bug Fixes

  • deps: update dependency @ octokit/webhooks-methods to v3 (#705) (ae86cda)
• 10.0.5 - 2022-07-07
  

  10.0.5 (2022-07-07)

  Bug Fixes

  • types: description updates from @ octokit/webhooks-types v6.2.2 (#702) (87677a5)
• 10.0.4 - 2022-07-07
  

  10.0.4 (2022-07-07)

  Bug Fixes

  • types: updates from @ octokit/webhooks-types v6.2.1 (#701) (f370dd9)
• 10.0.3 - 2022-07-06
  

  10.0.3 (2022-07-06)

  Bug Fixes

  • types: updates from @ octokit/webhooks-types v6.2.0 (#700) (71c41cc)
• 10.0.2 - 2022-07-05
  

  10.0.2 (2022-07-05)

  Bug Fixes

  • types: updates from @ octokit/webhooks-types v6.1.2 (#699) (d91d5d5)
• 10.0.1 - 2022-07-01
  

  10.0.1 (2022-07-01)

  Bug Fixes

  • types: update the MarketplacePurchase#free_trial_ends_on property to also be a string (#697) (d7c4dce)
• 10.0.0 - 2022-06-26
  

  10.0.0 (2022-06-26)

  Features

  • drop NodeJS v10, v12 support + test NodeJS v18 (#555) (e887f05)

  BREAKING CHANGES

  • drop support for NodeJS <= 14 (Older than v14)
• 9.26.0 - 2022-06-12
• 9.25.0 - 2022-06-09
• 9.24.0 - 2022-04-28
• 9.23.0 - 2022-03-13
• 9.22.0 - 2022-01-04
• 9.21.0 - 2021-12-23
• 9.20.0 - 2021-11-23
• 9.19.0 - 2021-11-22
• 9.18.0 - 2021-11-17
• 9.17.0 - 2021-10-11
• 9.16.0 - 2021-10-06
• 9.15.1 - 2021-10-04
• 9.15.0 - 2021-09-15
• 9.14.2 - 2021-09-13
• 9.14.1 - 2021-09-05
• 9.14.0 - 2021-09-03
• 9.13.0 - 2021-09-02
• 9.12.0 - 2021-08-06
• 9.11.0 - 2021-07-18
• 9.10.0 - 2021-07-13
• 9.9.0 - 2021-07-06
• 9.8.4 - 2021-06-22
• 9.8.3 - 2021-06-21
• 9.8.2 - 2021-06-18
• 9.8.1 - 2021-06-18
• 9.8.0 - 2021-06-17
• 9.7.0 - 2021-06-09
• 9.6.3 - 2021-05-28
• 9.6.2 - 2021-05-24
• 9.6.1 - 2021-05-16
• 9.6.0 - 2021-05-11
• 9.5.1 - 2021-05-08
• 9.5.0 - 2021-05-07
• 9.4.0 - 2021-05-05
• 9.3.0 - 2021-04-29
• 9.2.0 - 2021-04-25
• 9.1.2 - 2021-04-23
• 9.1.1 - 2021-04-22
• 9.1.0 - 2021-04-20
• 9.0.1 - 2021-04-17
• 9.0.0 - 2021-04-14
• 9.0.0-beta.5 - 2021-04-11
• 9.0.0-beta.4 - 2021-04-10
• 9.0.0-beta.3 - 2021-03-30
• 9.0.0-beta.2 - 2021-03-30
• 9.0.0-beta.1 - 2021-03-30
• 8.12.3 - 2021-04-14
• 8.12.2 - 2021-04-11
• 8.12.1 - 2021-04-11
• 8.12.0 - 2021-04-02
• 8.11.2 - 2021-04-01
• 8.11.1 - 2021-04-01
• 8.11.0 - 2021-04-01
• 8.10.1 - 2021-03-31
• 8.10.0 - 2021-03-30
• 8.9.0 - 2021-03-30
• 8.8.3 - 2021-03-30
• 8.8.2 - 2021-03-29
• 8.8.1 - 2021-03-29
• 8.8.0 - 2021-03-28
• 8.7.2 - 2021-03-23
• 8.7.1 - 2021-03-22
• 8.7.0 - 2021-03-21
• 8.6.2 - 2021-03-21
• 8.6.1 - 2021-03-21
• 8.6.0 - 2021-03-19
• 8.5.4 - 2021-03-14
• 8.5.3 - 2021-03-05
• 8.5.2 - 2021-03-03
• 8.5.1 - 2021-03-02
• 8.5.0 - 2021-03-02
• 8.4.1 - 2021-02-18
• 8.4.0 - 2021-02-15
• 8.3.0 - 2021-02-13
• 8.2.0 - 2021-02-13
• 8.1.1 - 2021-02-12
• 8.1.0 - 2021-02-12
• 8.0.3 - 2021-02-11
• 8.0.2 - 2021-02-08
• 8.0.1 - 2021-02-05
• 8.0.0 - 2021-02-05
• 7.24.3 - 2021-02-07
• 7.24.2 - 2021-02-04
• 7.24.1 - 2021-02-03
• 7.23.0 - 2021-02-02
• 7.22.0 - 2021-02-02
• 7.21.0 - 2020-12-16
• 7.20.1 - 2020-12-15
• 7.20.0 - 2020-12-13
• 7.19.0 - 2020-12-13
• 7.18.3 - 2020-12-11
• 7.18.2 - 2020-12-11
• 7.18.1 - 2020-12-07

from @octokit/webhooks GitHub release notes

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs