Snyk has created this PR to upgrade semantic-release from 18.0.0 to 18.0.1.
:information_source: Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.
The recommended version is 1 version ahead of your current version.
The recommended version was released 22 days ago, on 2021-11-24.
This is a maintenance release. An increasing amount of dependencies required a node version higher than the Node 10 version supported by semantic-release@17. We decided to go straight to a recent Node LTS version because the release build is usually independent of others, requiring a higher node version is less disruptive to users, but helps us reduce the maintenance overhead.
Snyk has created this PR to upgrade semantic-release from 18.0.0 to 18.0.1.
The recommended version fixes:
SNYK-JS-CONVENTIONALCOMMITSPARSER-1766960
Why? CVSS 5.3
(*) Note that the real score may have changed since the PR was raised.
Release notes
Package name: semantic-release
-
18.0.1 - 2021-11-24
- bump @ semantic-release/commit-analyzer to 9.0.2 (#2258) (7f971f3)
-
18.0.0 - 2021-09-17
from semantic-release GitHub release notes18.0.1 (2021-11-24)
Bug Fixes
This is a maintenance release. An increasing amount of dependencies required a node version higher than the Node 10 version supported by
semantic-release@17. We decided to go straight to a recent Node LTS version because the release build is usually independent of others, requiring a higher node version is less disruptive to users, but helps us reduce the maintenance overhead.If you use GitHub Actions and need to bump the node version set up by
actions/node-setup, you can useoctoherd-script-bump-node-version-in-workflowsBREAKING CHANGES
node-version: the minimum required version of node is now v14.17
Commit messages
Package name: semantic-release
- 7f971f3 fix: bump @ semantic-release/commit-analyzer to 9.0.2 (#2258)
- e636621 docs(troubleshooting): typo (#2254)
- f2a2def docs(recipes): fix path to recipes (#2253)
- 628e29e chore(deps): update dependency got to v11.8.3 (#2251)
- 8fda7fd docs(recipes): moved recipes to sub-directories to align with gitbook expectations (#2246)
- 52d76a2 docs(plugin-list): updates semantic-release-plus/docker with updated lifecycle hook. (#2243)
- f092dd1 chore(deps): update dependency nock to v13.2.1 (#2242)
- 03aa7d0 docs(badge): switched to proper semantic-release logo (#2235)
- bc146e4 docs(gitbook): updated the summary document so that missing pages are rendered by gitbook (#2234)
- 5f9d1d1 chore(deps): update dependency nock to v13.2.0 (#2233)
- 7ff71ad chore(deps): update dependency sinon to v12.0.1 (#2231)
- d3958b8 Revert "chore(deps): update dependency p-retry to v5" (#2230)
- 4ae9209 chore(deps): update dependency p-retry to v5 (#2229)
- 32d0ab3 chore(deps): update dependency sinon to v12 (#2227)
- 0e07059 chore(deps): update dependency clear-module to v4.1.2 (#2226)
- b2b07bf docs(plugins): add @ eshepelyuk/semantic-release-helm-oci to plugins list (#2211)
- 2ef403e docs: add semantic-release-npm-deprecate plugin (#2210)
- 0d0e0a1 docs(node-version): consolidated and clarified the details about the required node version (#2170)
- 1e54e9e chore(deps): update dependency ansi-regex to 5.0.1 [security] (#2197)
- aa86683 chore(deps): update dependency nock to v13.1.4
- 8db804b docs: fix plugin example (export `verifyConditions`, not `verify`) (#2192)
- a50dc99 docs(plugins): add telegram-bot plugin to the plugin list (#2190)
- 0495cb6 docs: add semantic-release-github-milestones plugin (#2181)
- 74671f8 docs(github-actions): update workflow version, update node-version (#2175)
CompareNote: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.
For more information:
🧐 View latest project report
🛠 Adjust upgrade PR settings
🔕 Ignore this dependency or unsubscribe from future upgrade PRs