Open
Conversation
renovate
bot
added
the
c: dependencies
Contributor
|
Important Review skippedBot user detected. To trigger a single review, invoke the You can disable this status message by setting the
Comment |
Contributor
|
Thank you for following the naming conventions! 🙏 |
renovate
bot
force-pushed
the
renovate/minor-updates
branch
3 times, most recently
from
3d63965 to
d84ee6e
Compare
@anolilab/multi-semantic-release
@anolilab/rc
@anolilab/semantic-release-clean-package-json
@anolilab/semantic-release-pnpm
@anolilab/semantic-release-preset
commit: |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #246 +/- ##
=======================================
Coverage 84.67% 84.67%
=======================================
Files 47 47
Lines 1429 1429
Branches 390 374 -16
=======================================
Hits 1210 1210
+ Misses 210 209 -1
- Partials 9 10 +1
🚀 New features to boost your workflow:
|
renovate
bot
force-pushed
the
renovate/minor-updates
branch
from
d84ee6e to
6e38556
Compare
renovate
bot
force-pushed
the
renovate/minor-updates
branch
2 times, most recently
from
c4acdf9 to
c5574ce
Compare
renovate
bot
force-pushed
the
renovate/minor-updates
branch
from
c5574ce to
483bfc0
Compare
|
All alerts resolved. Learn more about Socket for GitHub. This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. |
renovate
bot
force-pushed
the
renovate/minor-updates
branch
2 times, most recently
from
a76d468 to
3d3eda6
Compare
renovate
bot
force-pushed
the
renovate/minor-updates
branch
from
3d3eda6 to
60fd7fa
Compare
renovate
bot
force-pushed
the
renovate/minor-updates
branch
from
60fd7fa to
08b1178
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/minor-updates
branch
5 times, most recently
from
eb8b917 to
56854e3
Compare
renovate
bot
changed the title
renovate
bot
force-pushed
the
renovate/minor-updates
branch
3 times, most recently
from
4d1f2d9 to
5a027b1
Compare
renovate
bot
force-pushed
the
renovate/minor-updates
branch
from
5a027b1 to
0727a12
Compare
renovate
bot
force-pushed
the
renovate/minor-updates
branch
2 times, most recently
from
3b37c96 to
7dec334
Compare
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
renovate
bot
force-pushed
the
renovate/minor-updates
branch
4 times, most recently
from
c7339ab to
09c6f2f
Compare
renovate
bot
force-pushed
the
renovate/minor-updates
branch
5 times, most recently
from
5f01f00 to
7c0d35b
Compare
renovate
bot
force-pushed
the
renovate/minor-updates
branch
4 times, most recently
from
c3fe6ae to
2edfdc5
Compare
renovate
bot
force-pushed
the
renovate/minor-updates
branch
2 times, most recently
from
2ecd0c8 to
2de8e9a
Compare
Signed-off-by: Renovate Bot <bot@renovateapp.com>
renovate
bot
force-pushed
the
renovate/minor-updates
branch
from
2de8e9a to
f92bfa9
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
9.0.0→9.1.15.1.0→5.2.054.3.2→54.6.13.1.1→3.2.1^16.2.7→^16.4.010.27.0→10.32.1^19.9.2→^19.10.03.1.2→3.2.04.9.0→4.11.0Release Notes
anolilab/javascript-style-guide (@anolilab/commitlint-config)
v9.1.1Compare Source
Bug Fixes
Dependencies
v9.1.0Compare Source
Miscellaneous Chores
Dependencies
anolilab/semantic-release (@anolilab/semantic-release-clean-package-json)
v5.2.0Compare Source
Dependencies
ckeditor/ckeditor5-dev (@ckeditor/typedoc-plugins)
v54.6.1Compare Source
Bug fixes
ci: Added support for excluding
testsandexternalfolders fromckeditor5-dev-ci-trigger-snyk-scandependency monitoring, with overrides available via--exclude.ci: Fixed
ckeditor5-dev-ci-circle-workflow-notifierto treat canceled CircleCI jobs as finished workflow states and errors. Closes ckeditor/ckeditor5#19978.This prevents the notifier from hanging when a job is canceled and propagates canceled parent jobs to their dependents.
Released packages
Check out the Versioning policy guide for more information.
Released packages (summary)
Other releases:
v54.6.0Compare Source
Features
ckeditor5-dev-ci-trigger-snyk-scanscript for triggering Snyk scans on CircleCI for the current branch.Released packages
Check out the Versioning policy guide for more information.
Released packages (summary)
Releases containing new features:
Other releases:
v54.5.0Compare Source
Features
release-tools: Added a
disallowLatestNpmTagoption topublishPackages()and npm tag validation so release workflows can explicitly block publishing with thelatestdist-tag. Closes ckeditor/ckeditor5#19952.When enabled, attempting to publish with
npmTag: 'latest'now fails before publishing starts.Released packages
Check out the Versioning policy guide for more information.
Released packages (summary)
Releases containing new features:
Other releases:
v54.4.0Compare Source
Features
release-tools: The
createGithubRelease()task now accepts anisLatestoption (defaults totrue) that controls whether the GitHub release is marked as the latest. Set it tofalseto publish a release without overwriting the "latest" label - useful when maintaining older major branches alongside a newer one. Closes ckeditor/ckeditor5#19929.release-tools: Added support for publishing stable releases with the
latest-v{X}dist-tag, including strict validation that the tag major matches the released version major. Closes ckeditor/ckeditor5#19874.Existing tag behavior (
latest,staging,next, pre-release tags, and custom tags) remains backward compatible.Other changes
Released packages
Check out the Versioning policy guide for more information.
Released packages (summary)
Releases containing new features:
Other releases:
v54.3.4Compare Source
Bug fixes
build-tools: Always log TypeScript errors, even when the
declarationsoption is not set orfalse.ci: Made
ckeditor5-dev-ci-circle-workflow-notifierresilient to unstable CircleCI API responses by adding retries, response shape validation, and clearer hard-fail reasons. Closes ckeditor/ckeditor5#19763.The notifier now retries transient API failures up to 5 times with delays, fails fast for non-retryable API errors, and reports when manual workflow verification is required.
Released packages
Check out the Versioning policy guide for more information.
Released packages (summary)
Other releases:
v54.3.3Compare Source
Bug fixes
ckeditor5-dev-tests-run-automatedandckeditor5-dev-tests-run-manualto prevent aTypeErrorwhen test execution fails.Other changes
1920x1080window size for consistent and predictable test results.Released packages
Check out the Versioning policy guide for more information.
Released packages (summary)
Other releases:
sebbo2002/semantic-release-jsr (@sebbo2002/semantic-release-jsr)
v3.2.1Compare Source
v3.2.0Compare Source
Features
3.1.1 (2026-01-25)
Bug Fixes
contextoptional (1876f26)lint-staged/lint-staged (lint-staged)
v16.4.0Compare Source
Minor Changes
687fc90Thanks @hyperz111! - Replacemicromatchwithpicomatchto reduce dependencies.v16.3.4Compare Source
Patch Changes
9d6e827Thanks @iiroj! - Update dependencies, includingtinyexec@1.0.4to make sure localnode_modules/.binare preferred to global locations (released intinyexec@1.0.3).v16.3.3Compare Source
Patch Changes
0109e8dThanks @iiroj! - Make sure Git's warning about CRLF line-endings doesn't interfere with creating initial backup stash.v16.3.2Compare Source
Patch Changes
2adaf6cThanks @iiroj! - Hide the extracmdwindow on Windows by spawning tasks without thedetachedoption.v16.3.1Compare Source
Patch Changes
cd5d762Thanks @iiroj! - Removenano-spawnas a dependency frompackage.jsonas it was replaced withtinyexecand is no longer used.v16.3.0Compare Source
Minor Changes
#1698
feda37aThanks @iiroj! - Run external processes withtinyexecinstead ofnano-spawn.nano-spawnreplacedexecain lint-staged version 16 to limit the amount of npm dependencies required, but caused some unknown issues related to spawning tasks. Let's hopetinyexecimproves the situation.#1699
1346d16Thanks @iiroj! - Removepidtreeas a dependency. When a task fails, its sub-processes are killed more efficiently via the process group on Unix systems, and thetaskkillcommand on Windows.Patch Changes
87467aaThanks @iiroj! - Incorrect brace expansions like*.{js}(nothing to expand) are detected exhaustively, instead of just a single pass.pnpm/pnpm (pnpm)
v10.32.1: pnpm 10.32.1Compare Source
Patch Changes
pnpm-workspace.yamlwithout apackagesfield caused all directories to be treated as workspace projects. This broke projects that usepnpm-workspace.yamlonly for settings (e.g.minimumReleaseAge) without defining workspace packages #10909.Platinum Sponsors
Gold Sponsors
v10.32.0: pnpm 10.32Compare Source
Minor Changes
--allflag topnpm approve-buildsthat approves all pending builds without interactive prompts #10136.Patch Changes
lockfile-include-tarball-url. Fixes #10915.Platinum Sponsors
Gold Sponsors
v10.31.0Compare Source
v10.30.3Compare Source
v10.30.2Compare Source
v10.30.1: pnpm 10.30.1Compare Source
Patch Changes
/-/npm/v1/security/audits/quickendpoint as the primary audit endpoint, falling back to/-/npm/v1/security/auditswhen it fails #10649.Platinum Sponsors
Gold Sponsors
v10.30.0: pnpm 10.30Compare Source
Minor Changes
pnpm whynow shows a reverse dependency tree. The searched package appears at the root with its dependents as branches, walking back to workspace roots. This replaces the previous forward-tree output which was noisy and hard to read for deeply nested dependencies.Patch Changes
pnpm whydependency pruning to prefer correctness over memory consumption. Reverted PR: #7122.pnpm whyandpnpm listperformance in workspaces with many importers by sharing the dependency graph and materialization cache across all importers instead of rebuilding them independently for each one #10596.Platinum Sponsors
Gold Sponsors
v10.29.3Compare Source
v10.29.2Compare Source
v10.29.1: pnpm 10.29.1Compare Source
Minor Changes
pnpm dlx/pnpxcommand now supports thecatalog:protocol. Example:pnpm dlx shx@catalog:.auditLevelin thepnpm-workspace.yamlfile #10540.workspace:protocol without version specifier. It is now treated asworkspace:*and resolves to the concrete version during publish #10436.Patch Changes
Fixed
pnpm list --jsonreturning incorrect paths when using global virtual store #10187.Fix
pnpm store pathandpnpm store statususing workspace root for path resolution whenstoreDiris relative #10290.Fixed
pnpm run -rfailing with "No projects matched the filters" when an emptypnpm-workspace.yamlexists #10497.Fixed a bug where
catalogMode: strictwould write the literal string"catalog:"topnpm-workspace.yamlinstead of the resolved version specifier when re-adding an existing catalog dependency #10176.Fixed the documentation URL shown in
pnpm completion --helpto point to the correct page at https://pnpm.io/completion #10281.Skip local
file:protocol dependencies duringpnpm fetch. This fixes an issue wherepnpm fetchwould fail in Docker builds when local directory dependencies were not available #10460.Fixed
pnpm audit --jsonto respect the--audit-levelsetting for both exit code and output filtering #10540.update tar to version 7.5.7 to fix security issue
Updating the version of dependency tar to 7.5.7 because the previous one have a security vulnerability reported here: CVE-2026-24842
Fix
pnpm audit --fixreplacing reference overrides (e.g.$foo) with concrete versions #10325.Fix
shamefullyHoistset viaupdateConfigin.pnpmfile.cjsnot being converted topublicHoistPattern#10271.pnpm helpshould correctly report if the currently running pnpm CLI is bundled with Node.js #10561.Add a warning when the current directory contains the PATH delimiter character. On macOS, folder names containing forward slashes (/) appear as colons (:) at the Unix layer. Since colons are PATH separators in POSIX systems, this breaks PATH injection for
node_modules/.bin, causing binaries to not be found when running commands likepnpm exec#10457.Platinum Sponsors
Gold Sponsors
Configuration
📅 Schedule: Branch creation - "after 10:00 before 19:00 every weekday except after 13:00 before 14:00" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.