feat(deps): update semantic-release to 23.1.1

[MikeMcC399]

Issue

npm audit reports 5 vulnerabilities (4 moderate, 1 high) due to semantic-release@21.1.2

Background

semantic-release@22.0.0 requires Node.js >= v20.6.0 semantic-release@23.0.0 requires Node.js >= v20.8.1 semantic-release@24.0.0 has no change for Node.js, however it is currently using beta dependencies

Change

Update package.json to semantic-release@23.1.1 Run npm audit fix after update.

Update the release job in .circleci/config.yml to use semantic-release@23.1.1 and to run under Node.js 20.13.1.

(Node.js 18.16.1 is not compatible with semantic-release@22.0.0 and above which requires a minimum of Node.js 18.17.0.)

Verification

npm audit should report

found 0 vulnerabilities

[cypress-app-bot]

• Create a Draft Pull Request if your PR is not ready for review. Mark the PR as Ready for Review when you're ready for a Cypress team member to review the PR.

[MikeMcC399]

• Related to #851

[jennifer-shehane]

@MikeMcC399 Should this be tagged as a 'feat' for the example kitchensink?

[MikeMcC399]

@jennifer-shehane

Should this be tagged as a 'feat' for the example kitchensink?

Using the commit type feat is a workaround.

• If chore(deps) were used, then the change would not be tested, because there would be no release triggered.
• To trigger a release we need fix or feat
• If fix(deps) were used then the release would be labeled under "Bug fixes", which could be misleading
• feat(deps) causes a release with minor version update. This tests the change by triggering a release and the label is "Features".

I`ve used this method elsewhere and it seemed like the best compromise to achieve the desired result of testing the PR and producing a release which is least misleading.

[cypress-app-bot]

:tada: This PR is included in version 3.1.0 :tada:

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot :package::rocket: