Skip to content

chore(deps): bump tmp, @release-it/conventional-changelog and release-it#89

Open
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-fdc323d1de
Open

chore(deps): bump tmp, @release-it/conventional-changelog and release-it#89
dependabot[bot] wants to merge 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-fdc323d1de

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot bot commented on behalf of github Apr 1, 2026

Removes tmp. It's no longer used after updating ancestor dependencies tmp, @release-it/conventional-changelog and release-it. These dependencies need to be updated together.

Removes tmp

Updates @release-it/conventional-changelog from 8.0.2 to 10.0.6

Release notes

Sourced from @​release-it/conventional-changelog's releases.

Release 10.0.6

  • fix: bump conventional-changelog to ^7.2.0 (#141) (0e2bb53395fd5f6037c2244378fdd827d3f0ffd6) - thanks @​aarondpn!
  • Update dependencies (1f2572923a00a01276b97c8eece41d38b8f90e02)

Release 10.0.5

  • test: add should generate changelog with remote origin urls (#132) (7e53f8ce957b1e2469acfff6bb2d1f9a46654b6f) - thanks @​Maxel01!
  • fix: pass parserOpts to both Bumper and ConventionalChangelog (#135) (4dce48ad332aeba00ae49c2f9df229961ab902eb) - thanks @​aarond-sp!

Release 10.0.4

  • fix: add readRepository to resolve correct urls (#131) (933bcc6aa5d854158dc3702f004b5cbd4caf4cad) - thanks @​Maxel01!
  • Update release-it (ac4426a38d5d2c948884901acf8adec065d54c4f)

Release 10.0.3

  • Remove verbose comments (eb178bd556e5939b93a374adc418d6be5cc85323)
  • fix: remove preset options filtering (#129) (1b9fb95608117bc3f0f3379188f5c82f3231a792) - thanks @​NateSmyth!

Release 10.0.2

  • Remove node 18 from test matrix (e00dabf5cdd374a33361aeda9aa9eaf8cb4be485)
  • feat: Preserve preReleaseBase config option (#111) (678faefe7049e30499d19d002c5ef6234a8a77b6) - thanks @​ChAyLom!
  • Bump tmp from 0.2.3 to 0.2.4 (#120) (5ccbc29ba2e54308b5ad6fbf5209d50f4268916c) - thanks @​dependabot[bot]!
  • Fix CVE-2025-59433: Update dependencies and enable all tests (#124) (c838c6789872c12916ccc63ea93813ade66040cf) - thanks @​nbouvrette!
  • Add Node 24 to CI workflow (8f5ac43899d8e43f0eb9e4cc57aa8f07483fb921)
  • Add github release notes + comments (2d0a4b396cfadb3f7a2807fdde6b763c773e668a)
  • Bump engines.node (not breaking as release-it has this too) (5fa0ce80e0604296128d95748b345c9ee5a3f5df)

Release 10.0.1

  • Add dummy config file in test (3e9f528)
  • Support release-it v19 (a2f5059)
  • Add note about conventional-changelog-conventionalcommits override (#110) (587be05)
  • docs: Show that whatBump accepts a function for recommending the new version (#109) (bf27526)

Release 10.0.0

  • Update dependencies + bump engines.node (273c84f)

Release 9.0.4

  • Add default header (resolves #108) (6197330)

Release 9.0.3

  • Format (09fdb3e)
  • fix: use whatBump option (#106) (09aac9e)

Release 9.0.2

  • Minor refactor for readability (ccdd687)
  • Format docs (73e212c)
  • fix: Resolve whatBump is not a function error (#105) (5e0af0c)

Release 9.0.1

  • Update dependencies (6059558)
  • fix: Allow whatBump to return undefined to skip versioning (#102) (3301fbe)

... (truncated)

Commits

Updates release-it from 17.11.0 to 19.2.4

Release notes

Sourced from release-it's releases.

Release 19.2.4

  • chore: update dependencies to resolve security vulnerabilities (#1273) (b45dd1aa3749d74ce279600dea242cb3c9dd5e8d) - thanks @​Yeom-JinHo!
  • Update a few dev deps (cd8acdc8fdb50cf60ba45e8bd5128c4669a04f00)

Release 19.2.3

  • Reuse generated changelog (316dbfa458d670fc92d2da7fe7298ad90f44dc68)
  • Remove obsolete eslint compat packages/config (f6cc8f3622995ebe98c43a8a5adb8d62b2de70b8)
  • Update remark-preset-webpro and fix broken links (6e6dd4b893bd53a621ea2bee9ad48d5fa42f6279)

Release 19.2.2

  • Improve getChangelog method (7a56364997d8ca4a640251bc9be37ed7cbf8568c)

Release 19.2.1

  • Improve commit prompt (b7aca7c159b3d34fe45f6fb722bb5f664c4bae9a)
  • Remedy potential edge case in template helper (5c0a6eeeddf7ed1ce0e4cfcffc1c2c72ab63a01b)

Release 19.2.0

  • Add option to exit gracefully (e1f825dce259118401f17c1d9de0002233e21e67)
  • Update dependencies (424c9f6c1d9681f4e4a3a37552dd2a99a750a3d2)
  • Auto-format docs (06f41bbb4b0cbb59ef39a6bd426ee9034b6f396e)
  • fix: add shell mode for npm commands on windows (#1266) (382e3464095628c23ef9c85c363933f3bf1db09e) - thanks @​julienbenac!
  • Feat: Add publishPackageManager config option in NPM plugin to allow using different package manager for publishing (e.g. Bun) (#1169) (0dafc0b72159931f088e7232da6c34f0f1e8b06f) - thanks @​chrispader!
  • Only use --workspaces=false with npm (12bb89ccaacdc2cbc0ba231f93d7bd389241d6a4)
  • Fix up docs/types a bit (05a59863648a0b4ce9186b65cd21225a8421e181)
  • Format (c9d6ebf0415d264e42945f967baae845401d016b)

Release 19.1.0

  • Ignore .npmrc (8ccd060)
  • Update lockfile (c4cd2ba)
  • Support interactive shell in non-CI mode for 2FA flow (resolve #1263) (a10b20d)
  • Add --workspaces=false to get rid of the null/matches error (14a4907)
  • Remove npm config env var warnings (b8c1247)
  • doc(readme): add release-it-beautiful-changelog plugin to list of plugins (#1261) (1b68c21)
  • Add 403 to consider resource alive (7969849)

Release 19.0.6

  • Update list of projects using release-it (92b49d367d28f0eef8cebb7d29059ab54259edff)
  • Bump github/codeql-action from 2 to 4 (#1253) (21309d3dfcc29d6f87061f345610566070e092a8) - thanks @​dependabot[bot]!
  • Bump actions/setup-node from 5 to 6 (#1255) (3fbaab14e2e3240a6b442b84be6019c57685c30e) - thanks @​dependabot[bot]!
  • Test in node 24 (7a12b12a8f75006c72854b0a0934faf5a320067f)
  • Upgrade c12 (resolve #1254) (1f48d03ddfe5d0dff66e2b2211db688c01e5fff4)

Release 19.0.5

  • Add link to release-it-gitea plugin (bf6f1fbb77797ece76c24b47bb1bcd89a9dbd18b)
  • Bump actions/checkout from 4 to 5 (#1243) (e42e7dce72b1469ac1944a6d9eb6b6a8d987a919) - thanks @​dependabot[bot]!
  • Add OIDC publishing docs (#1245) (9933c0d3a3ea7a06513b01863098445552942fce) - thanks @​mceachen!
  • Bump actions/setup-node from 4 to 5 (#1247) (7d9b77fa7ea8f4772257d675036f691982317c08) - thanks @​dependabot[bot]!
  • Auto-format (96181f33ec493a239b32667bfc30f4c8841488f9)
  • Update dependencies (0b907d1cf621572b06663c5acfe989c422d0bf09)
  • Remove redundant knip entry (ca2f7b516585e115e0fbce7c96d0dbc219d2e665)

... (truncated)

Changelog

Sourced from release-it's changelog.

Changelog

This document lists breaking changes for each major release.

See the GitHub Releases page for detailed changelogs: [https://github.com/release-it/release-it/releases][1]

v20 (2026-03-24)

  • Upgraded undici from v6 to v7 to resolve security vulnerabilities.
  • Upgraded proxy-agent from v6 to v7 to fix DEP0169 (url.parse() deprecation).
  • Migrated from deprecated inquirer to @inquirer/prompts.
  • Bumped engines.node to minimum Node.js v20.19.0 (was v20.12.0).

v19 (2025-04-18)

  • No breaking changes (dependency party)

v18 (2025-01-06)

  • Removed support for Node.js v18.

v17 (2023-11-11)

  • Removed support for Node.js v16.

v16 (2023-07-05)

  • Removed support for Node.js v14.

v15 (2022-04-30)

  • Removed support for Node.js v10 and v12.
  • Removed support for GitLab v12.4 and lower.
  • Removed anonymous metrics (and the option to disable it).
  • Programmatic usage and plugins only through ES Module syntax (import)

Use release-it v14 in legacy environments.

v14 (2020-09-03)

  • Removed global property from plugins. Use this.config[key] instead.
  • Removed deprecated npm.access option. Set this in package.json instead.

v13 (2020-03-07)

  • Dropped support for Node v8
  • Dropped support for GitLab v11.6 and lower.
  • Deprecated scripts are removed (in favor of [hooks][2]).
  • Removed deprecated --non-interactive (-n) argument. Use --ci instead.
  • Removed old %s and [REV_RANGE] syntax in command substitutions. Use ${version} and ${latestTag} instead.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
chore(deps): bump tmp, @release-it/conventional-changelog and release-it
b66afa3 
Removes [tmp](https://github.com/raszi/node-tmp). It's no longer used after updating ancestor dependencies [tmp](https://github.com/raszi/node-tmp), [@release-it/conventional-changelog](https://github.com/release-it/conventional-changelog) and [release-it](https://github.com/release-it/release-it). These dependencies need to be updated together.


Removes `tmp`

Updates `@release-it/conventional-changelog` from 8.0.2 to 10.0.6
- [Release notes](https://github.com/release-it/conventional-changelog/releases)
- [Commits](release-it/conventional-changelog@8.0.2...10.0.6)

Updates `release-it` from 17.11.0 to 19.2.4
- [Release notes](https://github.com/release-it/release-it/releases)
- [Changelog](https://github.com/release-it/release-it/blob/main/CHANGELOG.md)
- [Commits](release-it/release-it@17.11.0...19.2.4)

---
updated-dependencies:
- dependency-name: tmp
  dependency-version: 
  dependency-type: indirect
- dependency-name: "@release-it/conventional-changelog"
  dependency-version: 10.0.6
  dependency-type: direct:development
- dependency-name: release-it
  dependency-version: 19.2.4
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 1, 2026
@dependabot dependabot bot requested review from nsrCodes and wrongsahil as code owners April 1, 2026 11:48
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 1, 2026
@pkg-pr-new
Copy link
Copy Markdown

pkg-pr-new bot commented Apr 1, 2026
edited
Loading

Open in StackBlitz

npm i https://pkg.pr.new/@requestly/requestly-proxy@89

commit: b66afa3

@CLAassistant
Copy link
Copy Markdown

CLAassistant commented Apr 1, 2026

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wrongsahil wrongsahil Awaiting requested review from wrongsahil wrongsahil is a code owner

@nsrCodes nsrCodes Awaiting requested review from nsrCodes nsrCodes is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@CLAassistant