chore(deps): update dependency @changesets/cli to ^2.29.2 - autoclosed

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@changesets/cli (source)	^2.27.1 -> ^2.29.2

---

Release Notes

changesets/changesets (@​changesets/cli)

v2.29.2

Compare Source

Patch Changes

• #​1636 f73f84a Thanks @​Netail! - Correctly resolve new changesets with since option when the .changeset directory is not directly in the git root

• Updated dependencies [f73f84a]:

  • @​changesets/read@​0.6.5
  • @​changesets/git@​3.0.4
  • @​changesets/get-release-plan@​4.0.10
  • @​changesets/apply-release-plan@​7.0.12

v2.29.1

Compare Source

v2.29.0

Compare Source

Minor Changes

• #​1470 29f34a3 Thanks @​JounQin! - Support scoped registries configured using package.json#publishConfig

v2.28.1

Compare Source

Patch Changes

• Updated dependencies [b9df596]:
  • @​changesets/config@​3.1.1
  • @​changesets/apply-release-plan@​7.0.10
  • @​changesets/get-release-plan@​4.0.8

v2.28.0

Compare Source

Minor Changes

• #​1453 84a4a1b Thanks @​bennypowers! - Added a new config option to opt-out from formatting with Prettier using prettier: false.

Patch Changes

• Updated dependencies [84a4a1b, 84a4a1b]:
  • @​changesets/types@​6.1.0
  • @​changesets/config@​3.1.0
  • @​changesets/write@​0.4.0
  • @​changesets/apply-release-plan@​7.0.9
  • @​changesets/assemble-release-plan@​6.0.6
  • @​changesets/changelog-git@​0.2.1
  • @​changesets/get-dependents-graph@​2.1.3
  • @​changesets/get-release-plan@​4.0.7
  • @​changesets/pre@​2.0.2
  • @​changesets/read@​0.6.3
  • @​changesets/should-skip-package@​0.1.2

v2.27.12

Compare Source

Patch Changes

• #​1562 a0f87f1 Thanks @​Netail, @​cefn! - Fixed changelog application when executing using npx and similar tools

• Updated dependencies [a0f87f1]:

  • @​changesets/apply-release-plan@​7.0.8

v2.27.11

Compare Source

Patch Changes

• Updated dependencies [f0270f6]:
  • @​changesets/config@​3.0.5
  • @​changesets/apply-release-plan@​7.0.7
  • @​changesets/get-release-plan@​4.0.6

v2.27.10

Compare Source

Patch Changes

• #​1485 baf5644 Thanks @​bluwy! - Ignore error if failed to find changed packages in changeset add

• #​1489 7bf751c Thanks @​marcalexiei! - Use custom errors when exiting add command due to missing tool

• #​1466 ccce743 Thanks @​marcalexiei! - Add error message and exit when there are no versionable packages

• #​1514 962ab91 Thanks @​nicoalonsop! - Update spawndamnit to fix cross-spawn vulnerability

• Updated dependencies [7323704, 26c8ba9, 82cacb2, 962ab91]:

  • @​changesets/config@​3.0.4
  • @​changesets/git@​3.0.2
  • @​changesets/assemble-release-plan@​6.0.5
  • @​changesets/read@​0.6.2
  • @​changesets/apply-release-plan@​7.0.6
  • @​changesets/get-release-plan@​4.0.5

v2.27.9

Compare Source

Patch Changes

• #​1458 400ab7b Thanks @​benmccann! - Moved @types/semver to devDependencies

• #​1462 689e541 Thanks @​benmccann! - remove outdent dependency

v2.27.8

Compare Source

Patch Changes

• #​1417 bc75c1a Thanks @​trivikr! - Replace chalk with picocolors to reduce install size

• #​1419 4efc038 Thanks @​bluwy! - Fix logging --version flag

• #​1445 52c302a Thanks @​bluwy! - Remove unused @babel/runtime dependency

• #​1446 5150fc1 Thanks @​benmccann! - Switched from preferred-pm to package-manager-detector in order to reduce installation size

• Updated dependencies [bc75c1a, 52c302a]:

  • @​changesets/get-dependents-graph@​2.1.2
  • @​changesets/logger@​0.1.1
  • @​changesets/read@​0.6.1
  • @​changesets/assemble-release-plan@​6.0.4
  • @​changesets/should-skip-package@​0.1.1
  • @​changesets/apply-release-plan@​7.0.5
  • @​changesets/get-release-plan@​4.0.4
  • @​changesets/write@​0.3.2
  • @​changesets/git@​3.0.1
  • @​changesets/pre@​2.0.1
  • @​changesets/config@​3.0.3

v2.27.7

Compare Source

Patch Changes

• #​1047 d108fa6 Thanks @​patzick! - Fixed a crash that could occur when depending on a tagged version of another workspace package.

• #​1400 dd6e5bb Thanks @​Andarist! - Fixed a crash that prevented the CLI from running in a scenario when a workspace depends on the root workspace

• Updated dependencies [d108fa6, dd6e5bb, dd6e5bb]:

  • @​changesets/apply-release-plan@​7.0.4
  • @​changesets/config@​3.0.2
  • @​changesets/get-dependents-graph@​2.1.1
  • @​changesets/assemble-release-plan@​6.0.3
  • @​changesets/get-release-plan@​4.0.3

v2.27.6

Compare Source

Patch Changes

• #​1392 f295b3e Thanks @​bluwy! - Replace meow dependency with mri to reduce the number of transitive dependencies

• #​1390 6a3452e Thanks @​bluwy! - Display changeset status --verbose in list form and remove tty-table dependency

v2.27.5

Compare Source

Patch Changes

• #​1370 5e9d33a Thanks @​Andarist! - Fixed a regression that caused changeset version to fail on packages having a dev dependency on a skipped package.

• Updated dependencies [5e9d33a]:

  • @​changesets/get-dependents-graph@​2.1.0
  • @​changesets/assemble-release-plan@​6.0.2
  • @​changesets/config@​3.0.1
  • @​changesets/get-release-plan@​4.0.2
  • @​changesets/apply-release-plan@​7.0.3

v2.27.4

Compare Source

Patch Changes

• #​1361 954a16a Thanks @​jakebailey! - Version 2.25.0 introduced the privatePackage configuration option with default { version: false, tag: false }; due to a bug, these options were not respected in all commands, leading to commands like changeset tag still tagging private packages. This has been fixed, and all packages now respect this option.

• #​1369 d729d8c Thanks @​Andarist! - changeset tag should now correctly skip tags that exist on the remote

• Updated dependencies [954a16a]:

  • @​changesets/assemble-release-plan@​6.0.1
  • @​changesets/apply-release-plan@​7.0.2
  • @​changesets/get-release-plan@​4.0.1

v2.27.3

Compare Source

Patch Changes

• #​1357 18c966a Thanks @​Andarist! - Fixed an issue with changeset status executed without since argument. It should now correctly use the configured base branch as the default value.

v2.27.2

Compare Source

Patch Changes

• #​1354 69be7dc Thanks @​Andarist! - Fixed an issue with changeset status incorrectly returning an error status in two cases:

  • for changed ignored packages
  • for changed private packages when privatePackage.version was set to false

• #​1351 c6da182 Thanks @​TheHolyWaffle! - Fix an issue with not applying a custom .prettierrc configuration with prettier@>= 3.1.1

• Updated dependencies [c6da182]:

  • @​changesets/apply-release-plan@​7.0.1
  • @​changesets/write@​0.3.1

---

Configuration

📅 Schedule: Branch creation - "* 0-3 1 * *" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: eb74ca2

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

size-limit report 📦

Path	Size
lib/index.js	36 B (0%)

[github-actions]

Deploy preview for workerkit ready!

✅ Preview
https://workerkit-ihvrg1qcf-1stg.vercel.app

Built with commit eb74ca2.
This pull request is being automatically deployed with vercel-action

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License

View full report

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[socket-security]

Warning

Review the following alerts detected in dependencies.

According to your organization's Security Policy, it is recommended to resolve "Warn" alerts. Learn more about Socket for GitHub.

Action	Severity	Alert (click for details)
Warn		es5-ext@0.10.62 is Protestware or potentially unwanted behavior. Note: This package prints a protestware console message on install regarding Ukraine for users with Russian language locale Source ℹ Read more on: This package | This alert | What is protestware? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Consider that consuming this package may come along with functionality unrelated to its primary purpose. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/es5-ext@0.10.62. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.
Warn		es5-ext@0.10.62 is Protestware or potentially unwanted behavior. Note: The script attempts to run a local post-install script, which could potentially contain malicious code. The error handling suggests that it is designed to fail silently, which is a common tactic in malicious scripts. Source ℹ Read more on: This package | This alert | What is protestware? Next steps: Take a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support@socket.dev. Suggestion: Consider that consuming this package may come along with functionality unrelated to its primary purpose. Mark the package as acceptable risk. To ignore this alert only in this pull request, reply with the comment @SocketSecurity ignore npm/es5-ext@0.10.62. You can also ignore all packages with @SocketSecurity ignore-all. To ignore an alert for all future pull requests, use Socket's Dashboard to change the triage state of this alert.

View full report