Build(deps): bump issue-ops/releaser from 2 to 3 #152

dependabot · 2026-01-01T21:02:29Z

Release notes

Sourced from issue-ops/releaser's releases.

v3.0.0

What's Changed

Bump @eslint/plugin-kit from 0.3.1 to 0.3.3 in the npm_and_yarn group by @dependabot[bot] in issue-ops/releaser#257

Bump @eslint/plugin-kit from 0.3.3 to 0.3.4 in the npm_and_yarn group by @dependabot[bot] in issue-ops/releaser#258

Bump eslint-import-resolver-typescript from 4.4.3 to 4.4.4 by @dependabot[bot] in issue-ops/releaser#259

Bump rollup from 4.44.1 to 4.46.2 by @dependabot[bot] in issue-ops/releaser#263

Bump eslint-config-prettier from 10.1.5 to 10.1.8 by @dependabot[bot] in issue-ops/releaser#260

Bump actions/checkout from 4 to 5 by @dependabot[bot] in issue-ops/releaser#272

Bump the npm-development group across 1 directory with 9 updates by @dependabot[bot] in issue-ops/releaser#274

Bump the npm-development group with 2 updates by @dependabot[bot] in issue-ops/releaser#275

Bump the npm-development group with 4 updates by @dependabot[bot] in issue-ops/releaser#276

Bump actions/setup-node from 4 to 5 by @dependabot[bot] in issue-ops/releaser#278

Bump the npm-development group with 6 updates by @dependabot[bot] in issue-ops/releaser#277

Bump the npm-development group with 5 updates by @dependabot[bot] in issue-ops/releaser#279

Bump oxsecurity/megalinter from 8 to 9 by @dependabot[bot] in issue-ops/releaser#280

Bump the npm-development group with 6 updates by @dependabot[bot] in issue-ops/releaser#281

Bump the npm-development group with 5 updates by @dependabot[bot] in issue-ops/releaser#282

Bump github/codeql-action from 3 to 4 by @dependabot[bot] in issue-ops/releaser#284

Bump actions/setup-node from 5 to 6 by @dependabot[bot] in issue-ops/releaser#286

Bump actions/upload-artifact from 4 to 5 by @dependabot[bot] in issue-ops/releaser#288

Bump the npm-development group across 1 directory with 11 updates by @dependabot[bot] in issue-ops/releaser#291

Bump @octokit/rest from 22.0.0 to 22.0.1 in the npm-production group by @dependabot[bot] in issue-ops/releaser#290

Upgrade to Node.js 24 by @ncalteen in issue-ops/releaser#297

Bump @rollup/plugin-commonjs from 28.0.6 to 29.0.0 by @dependabot[bot] in issue-ops/releaser#293

Bump the npm-development group across 1 directory with 7 updates by @dependabot[bot] in issue-ops/releaser#294

Bump js-yaml by @dependabot[bot] in issue-ops/releaser#295

Bump actions/checkout from 5 to 6 by @dependabot[bot] in issue-ops/releaser#296

Full Changelog: issue-ops/releaser@v2...v3.0.0

v2.2.0

What's Changed

Bump @eslint/plugin-kit from 0.2.2 to 0.2.3 in the npm_and_yarn group by @dependabot in issue-ops/releaser#154

Bump cross-spawn from 7.0.3 to 7.0.6 in the npm_and_yarn group by @dependabot in issue-ops/releaser#155

Bump @eslint/compat from 1.2.2 to 1.2.3 by @dependabot in issue-ops/releaser#165

Bump @typescript-eslint/eslint-plugin from 8.12.2 to 8.18.0 by @dependabot in issue-ops/releaser#170

Bump prettier from 3.3.3 to 3.4.2 by @dependabot in issue-ops/releaser#167

Bump @typescript-eslint/parser from 8.12.2 to 8.18.0 by @dependabot in issue-ops/releaser#169

Bump rollup from 4.24.3 to 4.28.1 by @dependabot in issue-ops/releaser#166

Bump @types/node from 22.8.6 to 22.10.2 by @dependabot in issue-ops/releaser#168

Bump typescript from 5.6.2 to 5.7.2 by @dependabot in issue-ops/releaser#164

Bump eslint-plugin-jest from 28.8.3 to 28.9.0 by @dependabot in issue-ops/releaser#162

Bump @types/jest from 29.5.13 to 29.5.14 by @dependabot in issue-ops/releaser#161

Bump eslint from 9.14.0 to 9.16.0 by @dependabot in issue-ops/releaser#158

Bump eslint from 9.16.0 to 9.17.0 by @dependabot in issue-ops/releaser#180

Bump @types/node from 22.10.2 to 22.10.5 by @dependabot in issue-ops/releaser#181

Bump eslint-import-resolver-typescript from 3.6.3 to 3.7.0 by @dependabot in issue-ops/releaser#179

Bump @rollup/plugin-node-resolve from 15.3.0 to 16.0.0 by @dependabot in issue-ops/releaser#178

Bump @rollup/plugin-commonjs from 28.0.1 to 28.0.2 by @dependabot in issue-ops/releaser#176

... (truncated)

Commits

41bcc03 Merge pull request #297 from issue-ops/ncalteen/node24
4be9d63 Upgrade to Node.js 24
e31b1dc Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/rollup/plugin-co...
1eb1299 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/npm-development-...
4bc29e1 Merge remote-tracking branch 'origin/dependabot/npm_and_yarn/multi-75e6bc5210...
ea7ef66 Bump actions/checkout from 5 to 6
c522602 Bump js-yaml
4f6f23d Bump the npm-development group across 1 directory with 7 updates
493fe3b Bump @rollup/plugin-commonjs from 28.0.6 to 29.0.0
801b784 Merge pull request #290 from issue-ops/dependabot/npm_and_yarn/npm-production...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [issue-ops/releaser](https://github.com/issue-ops/releaser) from 2 to 3. - [Release notes](https://github.com/issue-ops/releaser/releases) - [Commits](issue-ops/releaser@v2...v3) --- updated-dependencies: - dependency-name: issue-ops/releaser dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-01-01T21:05:03Z

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Errors	Warnings	Elapsed time
✅ ACTION	actionlint	5	0	0	0.05s
✅ JSON	jsonlint	5	0	0	0.18s
✅ JSON	npm-package-json-lint	yes	no	no	1.88s
✅ JSON	prettier	5	0	0	1.01s
✅ JSON	v8r	5	0	0	8.14s
✅ MARKDOWN	markdownlint	1	0	0	0.85s
✅ REPOSITORY	checkov	yes	no	no	23.26s
✅ REPOSITORY	gitleaks	yes	no	no	1.21s
✅ REPOSITORY	git_diff	yes	no	no	0.04s
❌ REPOSITORY	grype	yes	15	no	47.96s
✅ REPOSITORY	secretlint	yes	no	no	1.14s
✅ REPOSITORY	syft	yes	no	no	9.16s
✅ REPOSITORY	trivy-sbom	yes	no	no	4.29s
✅ REPOSITORY	trufflehog	yes	no	no	30.35s
✅ TYPESCRIPT	prettier	9	0	0	1.5s
✅ YAML	prettier	13	0	0	0.85s
✅ YAML	v8r	13	0	0	10.2s
✅ YAML	yamllint	13	0	0	0.64s

Detailed Issues

❌ REPOSITORY / grype - 15 errors

[0000]  WARN no explicit name and version provided for directory source, deriving artifact ID from the given path (which is not ideal) from=syft
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
error purl scheme is not "pkg": ""
NAME    INSTALLED  FIXED IN          TYPE       VULNERABILITY   SEVERITY  EPSS          RISK   
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-61723  High      < 0.1% (7th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-61725  High      < 0.1% (6th)  < 0.1  
stdlib  go1.23.10  *1.23.12, 1.24.6  go-module  CVE-2025-47907  High      < 0.1% (5th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58185  Medium    < 0.1% (9th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58186  Medium    < 0.1% (7th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-61724  Medium    < 0.1% (6th)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-47912  Medium    < 0.1% (6th)  < 0.1  
stdlib  go1.23.10  *1.24.9, 1.25.3   go-module  CVE-2025-58187  High      < 0.1% (2nd)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58188  High      < 0.1% (2nd)  < 0.1  
stdlib  go1.23.10  *1.24.11, 1.25.5  go-module  CVE-2025-61729  High      < 0.1% (1st)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58189  Medium    < 0.1% (4th)  < 0.1  
stdlib  go1.23.10  *1.23.12, 1.24.6  go-module  CVE-2025-47906  Medium    < 0.1% (2nd)  < 0.1  
stdlib  go1.23.10  *1.24.8, 1.25.2   go-module  CVE-2025-58183  Medium    < 0.1% (1st)  < 0.1  
stdlib  go1.23.10  *1.24.11, 1.25.5  go-module  CVE-2025-61727  Medium    < 0.1% (0th)  < 0.1  
stdlib  go1.23.10  *1.23.11, 1.24.5  go-module  CVE-2025-4674   High      < 0.1% (0th)  < 0.1
[0047] ERROR discovered vulnerabilities at or above the severity threshold

See detailed reports in MegaLinter artifacts

Your project could benefit from a custom flavor, which would allow you to run only the linters you need, and thus improve runtime performances. (Skip this info by defining FLAVOR_SUGGESTIONS: false)

Documentation: Custom Flavors
Command: npx mega-linter-runner@9.2.0 --custom-flavor-setup --custom-flavor-linters ACTION_ACTIONLINT,JSON_JSONLINT,JSON_V8R,JSON_PRETTIER,JSON_NPM_PACKAGE_JSON_LINT,MARKDOWN_MARKDOWNLINT,REPOSITORY_CHECKOV,REPOSITORY_GIT_DIFF,REPOSITORY_GITLEAKS,REPOSITORY_GRYPE,REPOSITORY_SECRETLINT,REPOSITORY_SYFT,REPOSITORY_TRIVY_SBOM,REPOSITORY_TRUFFLEHOG,TYPESCRIPT_PRETTIER,YAML_PRETTIER,YAML_YAMLLINT,YAML_V8R

dependabot bot added actions GitHub Actions issues and PRs dependabot Dependabot issues and PRs labels Jan 1, 2026

dependabot bot requested a review from a team as a code owner January 1, 2026 21:02

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Build(deps): bump issue-ops/releaser from 2 to 3 #152

Build(deps): bump issue-ops/releaser from 2 to 3 #152

Uh oh!

dependabot bot commented on behalf of github Jan 1, 2026

Uh oh!

github-actions bot commented Jan 1, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Build(deps): bump issue-ops/releaser from 2 to 3 #152

Are you sure you want to change the base?

Build(deps): bump issue-ops/releaser from 2 to 3 #152

Uh oh!

Conversation

dependabot bot commented on behalf of github Jan 1, 2026

v3.0.0

What's Changed

v2.2.0

What's Changed

Uh oh!

github-actions bot commented Jan 1, 2026

❌MegaLinter analysis: Error

Detailed Issues

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant