Skip to content

chore(deps): bump github-release-from-changelog from 2.1.1 to 3.0.0#3306

Open
dependabot[bot] wants to merge 6 commits into
mainfrom
dependabot/npm_and_yarn/github-release-from-changelog-3.0.0
Open

chore(deps): bump github-release-from-changelog from 2.1.1 to 3.0.0#3306
dependabot[bot] wants to merge 6 commits into
mainfrom
dependabot/npm_and_yarn/github-release-from-changelog-3.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026

Copy link
Copy Markdown
Contributor

Bumps github-release-from-changelog from 2.1.1 to 3.0.0.

Release notes

Sourced from github-release-from-changelog's releases.

3.0.0

⚠️ Breaking changes (CLI usage unchanged):

  • 🔒 Upgrade grizzly to ^6 to fix the @octokit/* ReDoS advisories
  • 💥 Now requires Node.js >= 18 (grizzly@6 is ESM-only)
  • 📦 The package is now an ES module ("type": "module")

Internal:

  • 🛠 Replace prettier + pretty-quick with oxlint + oxfmt (removes the cross-spawn/execa advisories from the dev dependencies)
  • ⬆️ Upgrade husky to ^9 (hooks moved to the .husky/ directory)
Changelog

Sourced from github-release-from-changelog's changelog.

3.0.0 - 2026-06-02

⚠️ Breaking changes (CLI usage unchanged):

  • 🔒 Upgrade grizzly to ^6 to fix the @octokit/* ReDoS advisories
  • 💥 Now requires Node.js >= 18 (grizzly@6 is ESM-only)
  • 📦 The package is now an ES module ("type": "module")

Internal:

  • 🛠 Replace prettier + pretty-quick with oxlint + oxfmt (removes the cross-spawn/execa advisories from the dev dependencies)
  • ⬆️ Upgrade husky to ^9 (hooks moved to the .husky/ directory)
Commits
Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


@merll

merll commented Jun 16, 2026

Copy link
Copy Markdown
Collaborator

@dependabot rebase

@dependabot @github

dependabot Bot commented on behalf of github Jun 16, 2026

Copy link
Copy Markdown
Contributor Author

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@merll

merll commented Jul 3, 2026

Copy link
Copy Markdown
Collaborator

@dependabot recreate

Bumps [github-release-from-changelog](https://github.com/MoOx/github-release-from-changelog) from 2.1.1 to 3.0.0.
- [Release notes](https://github.com/MoOx/github-release-from-changelog/releases)
- [Changelog](https://github.com/MoOx/github-release-from-changelog/blob/main/CHANGELOG.md)
- [Commits](MoOx/github-release-from-changelog@2.1.1...3.0.0)

---
updated-dependencies:
- dependency-name: github-release-from-changelog
  dependency-version: 3.0.0
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/github-release-from-changelog-3.0.0 branch from d8b74cc to 019e5b3 Compare July 3, 2026 13:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants