Skip to content

build(deps): bump tmp, @release-it/conventional-changelog, react-native and release-it#830

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-7daa239cf0
Open

build(deps): bump tmp, @release-it/conventional-changelog, react-native and release-it#830
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/multi-7daa239cf0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 27, 2026

Removes tmp. It's no longer used after updating ancestor dependencies tmp, @release-it/conventional-changelog, react-native and release-it. These dependencies need to be updated together.

Removes tmp

Updates @release-it/conventional-changelog from 8.0.1 to 11.0.0

Release notes

Sourced from @​release-it/conventional-changelog's releases.

Release 11.0.0

  • Fix repository.url (23d3d9cd50fdb4475b8736273a776541833862c0)
  • docs: fix broken links and remove outdated override warning (#138) (344bad3bf2f90618a86d3e38883a5d5eff12aaf1) - thanks @​aarondpn!
  • fix: support release-it 20 (#142) (043242693e5c88244a25fbcf0dceafcbf955588f) - thanks @​twk3!
  • Update dependencies & bump engines.node (1b746e6b5a26335cf01c314074dcf7e291c260a0)

Release 10.0.6

  • fix: bump conventional-changelog to ^7.2.0 (#141) (0e2bb53395fd5f6037c2244378fdd827d3f0ffd6) - thanks @​aarondpn!
  • Update dependencies (1f2572923a00a01276b97c8eece41d38b8f90e02)

Release 10.0.5

  • test: add should generate changelog with remote origin urls (#132) (7e53f8ce957b1e2469acfff6bb2d1f9a46654b6f) - thanks @​Maxel01!
  • fix: pass parserOpts to both Bumper and ConventionalChangelog (#135) (4dce48ad332aeba00ae49c2f9df229961ab902eb) - thanks @​aarond-sp!

Release 10.0.4

  • fix: add readRepository to resolve correct urls (#131) (933bcc6aa5d854158dc3702f004b5cbd4caf4cad) - thanks @​Maxel01!
  • Update release-it (ac4426a38d5d2c948884901acf8adec065d54c4f)

Release 10.0.3

  • Remove verbose comments (eb178bd556e5939b93a374adc418d6be5cc85323)
  • fix: remove preset options filtering (#129) (1b9fb95608117bc3f0f3379188f5c82f3231a792) - thanks @​NateSmyth!

Release 10.0.2

  • Remove node 18 from test matrix (e00dabf5cdd374a33361aeda9aa9eaf8cb4be485)
  • feat: Preserve preReleaseBase config option (#111) (678faefe7049e30499d19d002c5ef6234a8a77b6) - thanks @​ChAyLom!
  • Bump tmp from 0.2.3 to 0.2.4 (#120) (5ccbc29ba2e54308b5ad6fbf5209d50f4268916c) - thanks @​dependabot[bot]!
  • Fix CVE-2025-59433: Update dependencies and enable all tests (#124) (c838c6789872c12916ccc63ea93813ade66040cf) - thanks @​nbouvrette!
  • Add Node 24 to CI workflow (8f5ac43899d8e43f0eb9e4cc57aa8f07483fb921)
  • Add github release notes + comments (2d0a4b396cfadb3f7a2807fdde6b763c773e668a)
  • Bump engines.node (not breaking as release-it has this too) (5fa0ce80e0604296128d95748b345c9ee5a3f5df)

Release 10.0.1

  • Add dummy config file in test (3e9f528)
  • Support release-it v19 (a2f5059)
  • Add note about conventional-changelog-conventionalcommits override (#110) (587be05)
  • docs: Show that whatBump accepts a function for recommending the new version (#109) (bf27526)

Release 10.0.0

  • Update dependencies + bump engines.node (273c84f)

Release 9.0.4

  • Add default header (resolves #108) (6197330)

Release 9.0.3

  • Format (09fdb3e)
  • fix: use whatBump option (#106) (09aac9e)

Release 9.0.2

  • Minor refactor for readability (ccdd687)
  • Format docs (73e212c)

... (truncated)

Commits

Updates react-native from 0.63.5 to 0.85.3

Release notes

Sourced from react-native's releases.

0.85.3

Changed

Fixed

iOS specific

  • Build: Fix silent tar extraction failure on EdenFS in replace-rncore-version.js by extracting to a temp directory first (9bc7d38be0 by @​motiz88)
  • Build: Skip prebuilds for DynamicFrameworks CI jobs (753c19bea4 by @​motiz88)

Hermes dSYMS:

Hermes V1 dSYMS:

ReactNativeDependencies dSYMs:

ReactNative Core dSYMs:

You can file issues or pick requests against this release here.

To help you upgrade to this version, you can use the Upgrade Helper ⚛️.

View the whole changelog in the CHANGELOG.md file.

0.85.2

Hermes dSYMS:

... (truncated)

Changelog

Sourced from react-native's changelog.

Changelog (pre 0.70)

This file contains all changelogs for releases in the 0.60-0.69 range. Please check out the other CHANGELOG-*.md files for newer and older versions.

v0.69.12

Changed

iOS specific

Fixed

Android specific

v0.69.11

Fixed

iOS specific

v0.69.10

Fixed

Android specific

v0.69.9

Changed

iOS specific

Fixed

... (truncated)

Commits
  • 22ea81b Release 0.85.3
  • de4e138 [0.85] Backport RedBox 2.0 for iOS (#56640)
  • 28fb4a2 Add feature flag to enable experimental MutationObserver (#55919) (#56600)
  • 7fc99bc Fix silent tar extraction failure on EdenFS in replace-rncore-version (#55797...
  • e77df0c Add RCTDevSupportHeaders to React Umbrella (#55974) (#56643)
  • 7846672 [0.85] Add Fast Refresh performance marker and unstable_fastRefreshComplete C...
  • 691b232 [0.85] Backport performance debugging improvements (#56637)
  • 67baaf3 Release 0.85.2
  • 5300582 Fix loading banner stuck after a reload
  • 430da64 Avoid moving RawProps during animation backend commit when retries are possib...
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by react-native-bot, a new releaser for react-native since your current version.


Updates release-it from 17.5.0 to 20.0.1

Release notes

Sourced from release-it's releases.

Release 20.0.1

  • fix: allow false as npm config value in types (#1289) (f783e825944cf8114305606116ca61542f0031c6) - thanks @​ahippler!
  • Bump actions/checkout from 5 to 6 (#1262) (19921fc2429b314912a139f66ed43ca12475ffd3) - thanks @​dependabot[bot]!
  • fix: Replace @​nodeutils/defaults-deep with defu for deep-default merging (#1297) (8616a216ccf2be474732b1aefbe47dce0e6b4eb0) - thanks @​rajnsunny!
  • Update dependencies (bee31380a2bbdda7aeaffe7658a3900290a1a181)

Release 20.0.0

  • fix: remove leading slashes from owner (#1288) (5585b720e9389fa857ba50f86161245ccb3b9589) - thanks @​driiftkiing!
  • Fix write: false guard in npm.bump (resolve #1267) (a2d1b99bfe52fff1b6768f904cae5c4aaa78cfb1)
  • Format (f427a85758999073a5ea4f666c6ddb4cd5586d61)

Release 20.0.0-1

  • Fix test (56cae4cd441e00a58d3d91fbc15b1503d423a775)
  • Update changelog & docs for v20 (509e50b043003f8adf3f347af949819e2954b639)
  • Improve guessPreReleaseTaggetRegistryDistTags (a62509e6c7374e3d6898b17ae9ec8c365296fe64)

Release 20.0.0-0

  • fix: upgrade undici from 6.23.0 to 7.24.3 to resolve security vulnerabilities (#1285) (cd100eb1368d084f5892a9a2bbad0c14d511125e) - thanks @​nbouvrette!
  • Fix Logger.info() on Node.js 25 (#1284) (dcc0b43fc6bb693b3ec176cd8d77bbb40f454164) - thanks @​bidord!
  • Update proxy-agent to fix DEP0169 (#1287) (c660ef5f34536988abd203807f53ec3ea5c1c742) - thanks @​risantos!
  • Update dependencies (9dc313e29e617af912ace05a5aaa5cc34fdf35a3)
  • Fix lint issues (a0522ff8777fc6877bf03f5f441e33561c9dc25b)
  • Bump engines.node (5654b9badae6dd08a3d654772d2f280f6b1d84c3)
  • Don't roll back if isReleased is set (resolve #1281) (f2a31231f587cb4809415f4eae81a99617177341)
  • Fix if not running test using npm (332f40536ec32bbd816f9872bb89bc864ee66136)
  • Migrate to @​inquirer/prompts (resolve #1260) (6c21e95c9188e88d41bb30840672cbd5fe99f5b6)
  • Pop it (c90c4c97e11da8f90b398f045e5337f8ec5e0439)

Release 19.2.4

  • chore: update dependencies to resolve security vulnerabilities (#1273) (b45dd1aa3749d74ce279600dea242cb3c9dd5e8d) - thanks @​Yeom-JinHo!
  • Update a few dev deps (cd8acdc8fdb50cf60ba45e8bd5128c4669a04f00)

Release 19.2.3

  • Reuse generated changelog (316dbfa458d670fc92d2da7fe7298ad90f44dc68)
  • Remove obsolete eslint compat packages/config (f6cc8f3622995ebe98c43a8a5adb8d62b2de70b8)
  • Update remark-preset-webpro and fix broken links (6e6dd4b893bd53a621ea2bee9ad48d5fa42f6279)

Release 19.2.2

  • Improve getChangelog method (7a56364997d8ca4a640251bc9be37ed7cbf8568c)

Release 19.2.1

  • Improve commit prompt (b7aca7c159b3d34fe45f6fb722bb5f664c4bae9a)
  • Remedy potential edge case in template helper (5c0a6eeeddf7ed1ce0e4cfcffc1c2c72ab63a01b)

Release 19.2.0

  • Add option to exit gracefully (e1f825dce259118401f17c1d9de0002233e21e67)
  • Update dependencies (424c9f6c1d9681f4e4a3a37552dd2a99a750a3d2)
  • Auto-format docs (06f41bbb4b0cbb59ef39a6bd426ee9034b6f396e)
  • fix: add shell mode for npm commands on windows (#1266) (382e3464095628c23ef9c85c363933f3bf1db09e) - thanks @​julienbenac!
  • Feat: Add publishPackageManager config option in NPM plugin to allow using different package manager for publishing (e.g. Bun) (#1169) (0dafc0b72159931f088e7232da6c34f0f1e8b06f) - thanks @​chrispader!

... (truncated)

Changelog

Sourced from release-it's changelog.

Changelog

This document lists breaking changes for each major release.

See the GitHub Releases page for detailed changelogs: [https://github.com/release-it/release-it/releases][1]

v20 (2026-03-24)

  • Upgraded undici from v6 to v7 to resolve security vulnerabilities.
  • Upgraded proxy-agent from v6 to v7 to fix DEP0169 (url.parse() deprecation).
  • Migrated from deprecated inquirer to @inquirer/prompts.
  • Bumped engines.node to minimum Node.js v20.19.0 (was v20.12.0).

v19 (2025-04-18)

  • No breaking changes (dependency party)

v18 (2025-01-06)

  • Removed support for Node.js v18.

v17 (2023-11-11)

  • Removed support for Node.js v16.

v16 (2023-07-05)

  • Removed support for Node.js v14.

v15 (2022-04-30)

  • Removed support for Node.js v10 and v12.
  • Removed support for GitLab v12.4 and lower.
  • Removed anonymous metrics (and the option to disable it).
  • Programmatic usage and plugins only through ES Module syntax (import)

Use release-it v14 in legacy environments.

v14 (2020-09-03)

  • Removed global property from plugins. Use this.config[key] instead.
  • Removed deprecated npm.access option. Set this in package.json instead.

v13 (2020-03-07)

  • Dropped support for Node v8
  • Dropped support for GitLab v11.6 and lower.
  • Deprecated scripts are removed (in favor of [hooks][2]).
  • Removed deprecated --non-interactive (-n) argument. Use --ci instead.
  • Removed old %s and [REV_RANGE] syntax in command substitutions. Use ${version} and ${latestTag} instead.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump tmp, @release-it/conventional-changelog, react-nati…
cbba8da 
…ve and release-it

Removes [tmp](https://github.com/raszi/node-tmp). It's no longer used after updating ancestor dependencies [tmp](https://github.com/raszi/node-tmp), [@release-it/conventional-changelog](https://github.com/release-it/conventional-changelog), [react-native](https://github.com/facebook/react-native/tree/HEAD/packages/react-native) and [release-it](https://github.com/release-it/release-it). These dependencies need to be updated together.


Removes `tmp`

Updates `@release-it/conventional-changelog` from 8.0.1 to 11.0.0
- [Release notes](https://github.com/release-it/conventional-changelog/releases)
- [Commits](release-it/conventional-changelog@8.0.1...11.0.0)

Updates `react-native` from 0.63.5 to 0.85.3
- [Release notes](https://github.com/facebook/react-native/releases)
- [Changelog](https://github.com/facebook/react-native/blob/main/CHANGELOG-0.6x.md)
- [Commits](https://github.com/facebook/react-native/commits/v0.85.3/packages/react-native)

Updates `release-it` from 17.5.0 to 20.0.1
- [Release notes](https://github.com/release-it/release-it/releases)
- [Changelog](https://github.com/release-it/release-it/blob/main/CHANGELOG.md)
- [Commits](release-it/release-it@17.5.0...20.0.1)

---
updated-dependencies:
- dependency-name: tmp
  dependency-version:
  dependency-type: indirect
- dependency-name: "@release-it/conventional-changelog"
  dependency-version: 11.0.0
  dependency-type: direct:development
- dependency-name: react-native
  dependency-version: 0.85.3
  dependency-type: direct:development
- dependency-name: release-it
  dependency-version: 20.0.1
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants