Skip to content

ci: bump @commitlint/cli from 21.0.1 to 21.0.2#902

Merged
TobiTenno merged 1 commit into
masterfrom
dependabot-npm_and_yarn-commitlint-cli-21.0.2
Jun 5, 2026
Merged

ci: bump @commitlint/cli from 21.0.1 to 21.0.2#902
TobiTenno merged 1 commit into
masterfrom
dependabot-npm_and_yarn-commitlint-cli-21.0.2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 4, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps @commitlint/cli from 21.0.1 to 21.0.2.

Release notes

Sourced from @​commitlint/cli's releases.

v21.0.2

21.0.2 (2026-05-29)

Bug Fixes

Chore/CI

New Contributors

Full Changelog: conventional-changelog/commitlint@v21.0.1...v21.0.2

Changelog

Sourced from @​commitlint/cli's changelog.

21.0.2 (2026-05-29)

Bug Fixes

  • disallow same commit hash for --from and --to (#4773) (121005e)
Commits

@dependabot dependabot Bot added Scope: Dependencies Pull requests that update a dependency file Type: Maintenance labels Jun 4, 2026
@github-actions

github-actions Bot commented Jun 4, 2026
edited
Loading

Copy link
Copy Markdown

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@commitlint/cli 21.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/7 approved changesets -- score normalized to 1
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@commitlint/is-ignored 21.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/7 approved changesets -- score normalized to 1
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@commitlint/lint 21.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/7 approved changesets -- score normalized to 1
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@commitlint/load 21.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/7 approved changesets -- score normalized to 1
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@commitlint/message 21.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/7 approved changesets -- score normalized to 1
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@commitlint/parse 21.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/7 approved changesets -- score normalized to 1
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@commitlint/read 21.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/7 approved changesets -- score normalized to 1
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@commitlint/rules 21.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/7 approved changesets -- score normalized to 1
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@commitlint/top-level 21.0.2 🟢 4.9
Details
CheckScoreReason
Code-Review⚠️ 1Found 1/7 approved changesets -- score normalized to 1
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 1030 commit(s) and 13 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Signed-Releases⚠️ -1no releases found
Pinned-Dependencies⚠️ 2dependency not pinned by hash detected -- score normalized to 2
Packaging🟢 10packaging workflow detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/es-toolkit 1.47.0 🟢 8.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 10 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review🟢 5Found 17/29 approved changesets -- score normalized to 5
Dependency-Update-Tool🟢 10update tool detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies🟢 10all dependencies are pinned
Binary-Artifacts🟢 10no binaries found in the repo
SAST🟢 7SAST tool detected but not run on all commits
License🟢 10license file detected
Fuzzing🟢 10project is fuzzed
Packaging🟢 10packaging workflow detected
Vulnerabilities🟢 100 existing vulnerabilities detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
Signed-Releases⚠️ 0Project has not signed or included provenance with any releases.
CI-Tests🟢 1029 out of 29 merged PRs checked by a CI test -- score normalized to 10
Contributors🟢 10project has 58 contributing companies or organizations

Scanned Files

  • package-lock.json

@dependabot dependabot Bot force-pushed the dependabot-npm_and_yarn-commitlint-cli-21.0.2 branch from 7e8c716 to ea2a098 Compare June 5, 2026 04:14
@dependabot
ci: bump @commitlint/cli from 21.0.1 to 21.0.2
20165e7 
Bumps [@commitlint/cli](https://github.com/conventional-changelog/commitlint/tree/HEAD/@commitlint/cli) from 21.0.1 to 21.0.2.
- [Release notes](https://github.com/conventional-changelog/commitlint/releases)
- [Changelog](https://github.com/conventional-changelog/commitlint/blob/master/@commitlint/cli/CHANGELOG.md)
- [Commits](https://github.com/conventional-changelog/commitlint/commits/v21.0.2/@commitlint/cli)

---
updated-dependencies:
- dependency-name: "@commitlint/cli"
  dependency-version: 21.0.2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot-npm_and_yarn-commitlint-cli-21.0.2 branch from ea2a098 to 20165e7 Compare June 5, 2026 04:17
@TobiTenno TobiTenno enabled auto-merge (squash) June 5, 2026 04:17
@TobiTenno TobiTenno merged commit 80d9e1c into master Jun 5, 2026
11 checks passed
@TobiTenno TobiTenno deleted the dependabot-npm_and_yarn-commitlint-cli-21.0.2 branch June 5, 2026 04:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TobiTenno TobiTenno TobiTenno approved these changes

Assignees

No one assigned

Labels

Scope: Dependencies Pull requests that update a dependency file Type: Maintenance

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TobiTenno