Skip to content

chore: bump @lerna-lite/cli from 3.12.1 to 4.11.3#7936

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/main/lerna-lite/cli-4.11.3
Open

chore: bump @lerna-lite/cli from 3.12.1 to 4.11.3#7936
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/main/lerna-lite/cli-4.11.3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 22, 2026

Bumps @lerna-lite/cli from 3.12.1 to 4.11.3.

Release notes

Sourced from @​lerna-lite/cli's releases.

v4.11.3

4.11.3 (2026-02-19)

Bump tar (node-tar) to v7.5.9 fixing another CVE-2026-26960

Bug Fixes

Released by Lerna-Lite 🤖. Star us on GitHub ⭐

v4.11.2

4.11.2 (2026-02-07)

Bug Fixes

Released by Lerna-Lite 🤖. Star us on GitHub ⭐

v4.11.1

4.11.1 (2026-01-17)

bump tar and node-tar to fix a CVE security identified in CVE-2026-23745

🐞 Bug Fixes

Released by Lerna-Lite 🤖. Star us on GitHub!

v4.11.0

4.11.0 (2026-01-16)

This release includes 2 new lerna version options to add extra Header/Footer messages to your GitHub/GitLab Releases. This can be useful to automate the use of certain static texts (like a list of Sponsors or a link to your website), so that they're always included in your releases without having to insert them manually. You can see a demo of that at the bottom of this release which added a footer using one the new footer option.

See 2 new options

Note the text above was not inserted via the new options but the footer down below was inserted with the new release footer option.

... (truncated)

Changelog

Sourced from @​lerna-lite/cli's changelog.

4.11.3 (2026-02-19)

Note: Version bump only for package @​lerna-lite/cli

4.11.2 (2026-02-07)

Note: Version bump only for package @​lerna-lite/cli

4.11.0 (2026-01-16)

✨ Features

4.10.5 (2026-01-07)

Note: Version bump only for package @​lerna-lite/cli

4.10.4 (2026-01-06)

Note: Version bump only for package @​lerna-lite/cli

4.10.3 (2025-12-27)

Note: Version bump only for package @​lerna-lite/cli

4.10.2 (2025-12-13)

Note: Version bump only for package @​lerna-lite/cli

4.10.1 (2025-12-12)

Bug Fixes

4.10.0 (2025-12-12)

Features

4.9.4 (2025-11-27)

Note: Version bump only for package @​lerna-lite/cli

4.9.3 (2025-11-20)

Note: Version bump only for package @​lerna-lite/cli

... (truncated)

Commits
  • 4b9011d chore(release): publish new version v4.11.3
  • 9391887 chore: replace all tsc tasks with tsgo
  • 3b63fab chore(release): publish new version v4.11.2
  • 384d68d chore: use correct import paths in package.json
  • 1e2679e chore(deps): update to oxfmt v0.26.0 which now supports format overrides (#1252)
  • ef74c14 chore(release): publish new version v4.11.0
  • 5ad8425 feat: add customizable remote Release Header & Footer messages (#1243)
  • ea9c5b7 chore: enable new oxlint optional chaining rule (#1240)
  • 4b433dd chore: add missing lerna command options in JSON Schema (#1237)
  • 79d1054 chore(release): publish new version v4.10.5
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​lerna-lite/cli since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore: bump @lerna-lite/cli from 3.12.1 to 4.11.3
0bf2b40 
Bumps [@lerna-lite/cli](https://github.com/lerna-lite/lerna-lite/tree/HEAD/packages/cli) from 3.12.1 to 4.11.3.
- [Release notes](https://github.com/lerna-lite/lerna-lite/releases)
- [Changelog](https://github.com/lerna-lite/lerna-lite/blob/main/packages/cli/CHANGELOG.md)
- [Commits](https://github.com/lerna-lite/lerna-lite/commits/v4.11.3/packages/cli)

---
updated-dependencies:
- dependency-name: "@lerna-lite/cli"
  dependency-version: 4.11.3
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies javascript Pull requests that update Javascript code labels Feb 22, 2026
@dependabot dependabot bot mentioned this pull request Feb 22, 2026
Closed
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 22, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants