fix(deps): update @octokit/core to 6.1.4

[MikeMcC399]

Situation

Dependabot reports:

• CVE-2025-25289 for @octokit/request-errror versions >= 1.0.0, < 5.1.1 needing patched version 5.1.1 and versions >= 6.0.0, < 6.1.7 needing patched version 6.1.7
• CVE-2025-25290 for @octokit/request versions >= 1.0.0, < 9.2.1 needing patched version 9.2.1

Assessment

These are the current dependency hierarchies:

$ npm ls @octokit/request-error
@cypress/github-action@0.0.0-development
└─┬ @octokit/core@4.2.0
  ├── @octokit/request-error@3.0.2
  └─┬ @octokit/request@6.2.2
    └── @octokit/request-error@3.0.2 deduped

$ npm ls @octokit/request
@cypress/github-action@0.0.0-development
└─┬ @octokit/core@4.2.0
  ├─┬ @octokit/graphql@5.0.4
  │ └── @octokit/request@6.2.2 deduped
  └── @octokit/request@6.2.2

As potential mitigation paths:

@octokit/core@4.2.4 uses vulnerable "@octokit/request-error": "^3.0.0"
@octokit/core@5.2.0 uses vulnerable "@octokit/request": "^8.3.1"

leaving only:

@octokit/core@6.1.4 that resolves the vulnerabilities and that is the lowest possible version

Other compatibility considerations:

@octokit/core@6.0.0 migrated to be an ESM package

Loading ECMAScript modules using require() was added into Node.js v20.17.0

GitHub Actions node20 uses NODE20_VERSION="20.18.2" (see https://github.com/actions/runner/blob/main/src/Misc/externals.sh) and so supports require(ESM).

Change

@octokit/core is updated from @octokit/core@4.2.0 to @octokit/core@6.1.4

This resolves the vulnerabilities reported by Dependabot.

[cypress-app-bot]

• Create a Draft Pull Request if your PR is not ready for review. Mark the PR as Ready for Review when you're ready for a Cypress team member to review the PR.

[github-actions]

🎉 This PR is included in version 6.7.12 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀