chore(deps): update dependency semantic-release to v17 [security] - abandoned #38
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
6.3.6
->17.2.3
GitHub Vulnerability Alerts
CVE-2020-26226
Impact
Secrets that would normally be masked by
semantic-release
can be accidentally disclosed if they contain characters that become encoded when included in a URL.Patches
Fixed in v17.2.3
Workarounds
Secrets that do not contain characters that become encoded when included in a URL are already masked properly.
Release Notes
semantic-release/semantic-release
v17.2.3
Compare Source
Bug Fixes
v17.2.2
Compare Source
Bug Fixes
v17.2.1
Compare Source
Reverts
v17.2.0
Compare Source
Features
v17.1.2
Compare Source
Bug Fixes
v17.1.1
Compare Source
Bug Fixes
v17.1.0
Compare Source
Features
v17.0.8
Compare Source
Bug Fixes
v17.0.7
Compare Source
Bug Fixes
v17.0.6
Compare Source
Bug Fixes
v17.0.5
Compare Source
Bug Fixes
v17.0.4
Compare Source
Bug Fixes
repositoryUrl
in logs (55be0ba)v17.0.3
Compare Source
Bug Fixes
getGitAuthUrl
(e7bede1)v17.0.2
Compare Source
Bug Fixes
v17.0.1
Compare Source
Bug Fixes
v17.0.0
Compare Source
BREAKING CHANGES
v16.0.4
Compare Source
Bug Fixes
v16.0.3
Compare Source
Bug Fixes
--no-verify
when testing the Git permissions (b54b20d)v16.0.2
Compare Source
Bug Fixes
v16.0.1
Compare Source
Bug Fixes
v16.0.0
Compare Source
BREAKING CHANGES
v16.0.0@​beta
users only:In v16, a JSON object stored in a Git note is used to keep track of the channels on which a version has been released, the
@{channel}
suffix is no longer necessary.The tags formatted as v{version}@{channel} will now be ignored. If you have releases using this format you will have to upgrade them:
v{version}@​{channel}
{"channels":["channel1","channel2"]}
and usingnull
for the default channel (for example.{"channels":[null,"channel1","channel2"]}
)Require Node.js >= 10.13
Git CLI version 2.7.1 or higher is now required: The
--merge
option of thegit tag
command has been added in Git version 2.7.1 and is now used by semantic-releaseRegexp are not supported anymore for property matching in the
releaseRules
option.Regex are replaced by globs. For example
/core-.*/
should be changed to'core-*'
.The
branch
option has been removed in favor ofbranches
The new
branches
option expect either an Array or a single branch definition. To migrate your configuration:master
: nothing to changebranch
configuration and want to publish only from one branch: replacebranch
withbranches
("branch": "my-release-branch"
=>"branches": "my-release-branch"
)Features
addChannel
plugins to returnfalse
in order to signify no release was done (e1c7269)publish
plugins to returnfalse
in order to signify no release was done (47484f5)Performance Improvements
git tag --merge <branch>
to filter tags present in a branch history (cffe9a8)Bug Fixes
channel
to publish success log (5744c5e)ERELEASEBRANCHES
error message (#1188) (37bcc9e)ci
option via API and config file (2faff26)getTagHead
only when necessary (de77a79)success
plugin only once for releases added to a channel (9a023b4)addChannel
for 2 merged branches configured with the same channel (4aad9cd)false
(751a5f1)getError
(f96c660)await
(9a1af4d)get-tags
algorithm (00420a8)branch
parameter frompush
function (968b996)v15.14.0
Compare Source
Features
envi-ci
values to plugins context (a8c747d)v15.13.32
Compare Source
Bug Fixes
v15.13.31
Compare Source
Bug Fixes
v15.13.30
Compare Source
Bug Fixes
v15.13.29
Compare Source
Bug Fixes
v15.13.28
Compare Source
Bug Fixes
v15.13.27
Compare Source
Bug Fixes
v15.13.26
Compare Source
Bug Fixes
v15.13.25
Compare Source
Bug Fixes
v15.13.24
Compare Source
Reverts
v15.13.23
Compare Source
Bug Fixes
v15.13.22
Compare Source
Bug Fixes
v15.13.21
Compare Source
Bug Fixes
v15.13.20
Compare Source
Bug Fixes
v15.13.19
Compare Source
Bug Fixes
v15.13.18
Compare Source
Bug Fixes
^1.0.0
(6b3adf6)v15.13.17
Compare Source
Bug Fixes
v15.13.16
Compare Source
Bug Fixes
v15.13.15
Compare Source
Bug Fixes
v15.13.14
Compare Source
Bug Fixes
v15.13.13
Compare Source
Bug Fixes
v15.13.12
Compare Source
Bug Fixes
v15.13.11
Compare Source
Bug Fixes
v15.13.10
Compare Source
Bug Fixes
v15.13.9
Compare Source
Bug Fixes
v15.13.8
Compare Source
Bug Fixes
v15.13.7
Compare Source
Bug Fixes
v15.13.6
Compare Source
Bug Fixes
v15.13.5
Compare Source
Bug Fixes
v15.13.4
Compare Source
Bug Fixes
v15.13.3
Compare Source
Bug Fixes
v15.13.2
Compare Source
Bug Fixes
v15.13.1
Compare Source
Bug Fixes
v15.13.0
Compare Source
Features
publish
plugins to returnfalse
in order to signify no release was done (70c68ef)v15.12.5
Compare Source
Bug Fixes
ci
option via API and config file (862ec4c)v15.12.4
Compare Source
Bug Fixes
branch
parameter frompush
function (ffe1062)v15.12.3
Compare Source
Bug Fixes
v15.12.2
Compare Source
Bug Fixes
npx
(eafbb34)v15.12.1
Compare Source
Bug Fixes
v15.12.0
Compare Source
Bug Fixes
Features
prepare
,publish
,success
andfail
plugins skipped in dry-run mode (90da6a0)v15.11.0
Compare Source
Bug Fixes
Features
analyzeCommits
step (5180001)v15.10.8
Compare Source
Bug Fixes
v15.10.7
Compare Source
Bug Fixes
v15.10.6
Compare Source
Bug Fixes
git-url-parse
(a99355e)v15.10.5
Compare Source
Bug Fixes
v15.10.4
Compare Source
Bug Fixes
console.error
(3d5db1f)v15.10.3
Compare Source
Bug Fixes
v15.10.2
Compare Source
Bug Fixes
plugins
option (58c25be)v15.10.1
Compare Source
Bug Fixes
plugins
option (ff275a5)v15.10.0
Compare Source
Features
plugins
option (5ba5010)v15.9.17
Compare Source
Bug Fixes
cwd
toENOGITREPO
error message (9930dac)EPLUGINCONF
error message (bc8551c)v15.9.16
Compare Source
Bug Fixes
v15.9.15
Compare Source
Bug Fixes
v15.9.14
Compare Source
Bug Fixes
env
andcwd
toenv-ci
(540d4fa)v15.9.13
Compare Source
Bug Fixes
v15.9.12
Compare Source
Bug Fixes
fail
/success
plugin params (dffe148)v15.9.11
Compare Source
Bug Fixes
v15.9.10
Compare Source
Bug Fixes
v15.9.9
Compare Source
Bug Fixes
v15.9.8
Compare Source
Bug Fixes
v15.9.7
Compare Source
Reverts
repositoryUrl
to https" (93377eb)v15.9.6
Compare Source
Bug Fixes
repositoryUrl
to https (b895231)v15.9.5
Compare Source
Bug Fixes
stdout
/stderr
passed to pugins (63d422e)v15.9.4
Compare Source
Bug Fixes
v15.9.3
Compare Source
Bug Fixes
v15.9.2
Compare Source
Bug Fixes
cli.js
(43d0646)v15.9.1
Compare Source
Bug Fixes
EPLUGINCONF
error message (d8c84a0)v15.9.0
Compare Source
Features
signale
and allow to customizestdin
andstdout
(0626d57)lastRelease
,commits
,nextRelease
,releases
from JS API (417779e)v15.8.1
Compare Source
Bug Fixes
v15.8.0
Compare Source
Features
cwd
andenv
context to plugins (a94e08d)v15.7.2
Compare Source
Bug Fixes
v15.7.1
Compare Source
Bug Fixes
generateNotes
object config (d8e59cc)v15.7.0
Compare Source
Bug Fixes
path
to plugin config defined as a Function or an Array (f93eeb7)Features
generateNotes
plugins (5989989)v15.6.6
Compare Source
Bug Fixes
v15.6.5
Compare Source
Bug Fixes
v15.6.4
Compare Source
Bug Fixes
v15.6.3
Compare Source
Bug Fixes
v15.6.2
Compare Source
Bug Fixes
git fetch
command (4abda31)v15.6.1
Compare Source
Bug Fixes
v15.6.0
Compare Source
Features
v15.5.5
Compare Source
Bug Fixes
v15.5.4
Compare Source
Bug Fixes
git ls-remote
to verify if the remote branch is ahead (2b6378f)v15.5.3
Compare Source
Bug Fixes
v15.5.2
Compare Source
Bug Fixes
v15.5.1
Compare Source
Bug Fixes
v15.5.0
Compare Source
Features
v15.4.4
Compare Source
Bug Fixes
v15.4.3
Compare Source
Bug Fixes
v15.4.2
Compare Source
Bug Fixes
v15.4.1
Compare Source
Bug Fixes
git rev-parse origin/${branch}
to verify origin head (d7081fa)v15.4.0
Compare Source
Features
v15.3.2
Compare Source
Bug Fixes
git merge-base
error code handling (4352144)v15.3.1
Compare Source
Bug Fixes
v15.3.0
Compare Source
Features
git
error message when authentication verification fails (cd9f2bd)v15.2.0
Compare Source
Features
v15.1.11
Compare Source
Bug Fixes
v15.1.10
Compare Source
Bug Fixes
v15.1.9
Compare Source
Bug Fixes
[`
Configuration
📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.