Skip to content

chore(deps): update dependency semantic-release to v25#3025

Open
renovate[bot] wants to merge 1 commit intomainfrom
renovate/major-semantic-release-monorepo
Open

chore(deps): update dependency semantic-release to v25#3025
renovate[bot] wants to merge 1 commit intomainfrom
renovate/major-semantic-release-monorepo

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Dec 12, 2025
edited
Loading

This PR contains the following updates:

Package Change Age Confidence
semantic-release ^24.2.9^25.0.3 age confidence

Release Notes

semantic-release/semantic-release (semantic-release)

v25.0.3

Compare Source

Bug Fixes

v25.0.2

Compare Source

Bug Fixes

v25.0.1

Compare Source

Bug Fixes

v25.0.0

Compare Source

Bug Fixes
  • deps: update dependency hosted-git-info to v9 (9fa04f8)
  • deps: update dependency yargs to v18 (#​3745) (cde9a72)
  • deps: update to the stable version of the github plugin (f12cf81)
  • deps: update to the stable version of the release-notes-generator plugin (d9def72)
  • deps: updated to the stable version of the commit-analyzer plugin (291533b)
  • deps: upgrade to the new major version of the npm plugin, which upgrades npm to v11 for publishing (1be8290)
Features
  • node-versions: drop support for node versions v20, v21, and v23 (56d16f4)
  • node-versions: raise the minimum node version for the v24 range (116a188)
BREAKING CHANGES
  • node-versions: the minimum node version for the v24 range is now v24.10.0
  • node-versions: a minimum of node v22.14 is now required

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) in timezone America/New_York, Automerge - Monday through Friday ( * * * * 1-5 ) in timezone America/New_York.

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added dependencies Pull requests that update a dependency file renovate-bot labels Dec 12, 2025
@renovate renovate bot added the dependencies Pull requests that update a dependency file label Dec 12, 2025
@renovate renovate bot requested review from a team and Justineo as code owners December 12, 2025 05:15
@netlify
Copy link

netlify bot commented Dec 12, 2025
edited
Loading

Deploy Preview for kongponents-sandbox ready!

Name Link
🔨 Latest commit 8fb9d1f
🔍 Latest deploy log https://app.netlify.com/projects/kongponents-sandbox/deploys/6981957222f5bd000802b315
😎 Deploy Preview https://deploy-preview-3025--kongponents-sandbox.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify
Copy link

netlify bot commented Dec 12, 2025
edited
Loading

Deploy Preview for kongponents ready!

Name Link
🔨 Latest commit 8fb9d1f
🔍 Latest deploy log https://app.netlify.com/projects/kongponents/deploys/69819572fccc7a00083be7b7
😎 Deploy Preview https://deploy-preview-3025--kongponents.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@renovate renovate bot force-pushed the renovate/major-semantic-release-monorepo branch from f653afa to 36e2afc Compare December 17, 2025 06:57
@renovate renovate bot force-pushed the renovate/major-semantic-release-monorepo branch 2 times, most recently from dafc59d to 1d0efc9 Compare December 26, 2025 15:55
@renovate renovate bot force-pushed the renovate/major-semantic-release-monorepo branch from 1d0efc9 to 4f9e624 Compare January 1, 2026 07:41
portikM
portikM previously approved these changes Jan 5, 2026
View reviewed changes
@portikM portikM enabled auto-merge (squash) January 5, 2026 18:07
@kongponents-bot
Copy link
Collaborator

kongponents-bot commented Jan 5, 2026

🔴 PR audit failed. 🔴

🔥 PNPM Audit issues detected.

┌─────────────────────┬────────────────────────────────────────────────────────┐
│ high                │ qs's arrayLimit bypass in its bracket notation allows  │
│                     │ DoS via memory exhaustion                              │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ qs                                                     │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <6.14.1                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ >=6.14.1                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ .>cypress>@cypress/request>qs                          │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-6rw7-vpxm-498p      │
└─────────────────────┴────────────────────────────────────────────────────────┘
1 vulnerabilities found
Severity: 1 high

PR with those issues cannot be merged.

How to resolve:

  • Check open renovate PRs for updates to the dependencies mentioned in the audit report
  • try to update dependencies listed in the audit report to the latest versions
  • use pnpm audit --fix to automatically fix issues

@renovate renovate bot force-pushed the renovate/major-semantic-release-monorepo branch from 4f9e624 to b496e7b Compare January 9, 2026 06:44
adamdehaven
adamdehaven previously approved these changes Jan 13, 2026
View reviewed changes
@renovate renovate bot force-pushed the renovate/major-semantic-release-monorepo branch 3 times, most recently from beddfa2 to f4ffdaf Compare January 17, 2026 06:03
@renovate renovate bot force-pushed the renovate/major-semantic-release-monorepo branch 3 times, most recently from dccdb01 to e59e99e Compare January 23, 2026 06:56
@renovate renovate bot force-pushed the renovate/major-semantic-release-monorepo branch 2 times, most recently from bd5b9a9 to c8d8b63 Compare January 29, 2026 06:30
@renovate
chore(deps): update dependency semantic-release to v25
8fb9d1f 
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot force-pushed the renovate/major-semantic-release-monorepo branch from c8d8b63 to 8fb9d1f Compare February 3, 2026 06:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adamdehaven adamdehaven adamdehaven left review comments

@portikM portikM portikM left review comments

@kongponents-bot kongponents-bot Awaiting requested review from kongponents-bot kongponents-bot is a code owner

@jillztom jillztom Awaiting requested review from jillztom jillztom is a code owner

@kaiarrowood kaiarrowood Awaiting requested review from kaiarrowood kaiarrowood is a code owner

@Justineo Justineo Awaiting requested review from Justineo Justineo is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file renovate-bot

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@kongponents-bot @adamdehaven @portikM