Skip to content

build: bump mkver from 4.3.1 to 5.0.1#1185

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/mkver-5.0.1
Open

build: bump mkver from 4.3.1 to 5.0.1#1185
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/npm_and_yarn/mkver-5.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 11, 2026

Copy link
Copy Markdown
Contributor

Bumps mkver from 4.3.1 to 5.0.1.

Release notes

Sourced from mkver's releases.

v5.0.1

Full Changelog: photostructure/mkver@v5.0.0...v5.0.1

v5.0.0

  • 💔 Drop support for Node.js v20 (EOL). mkver now requires Node.js v22 or later.
  • 📦 Security hardening: add .npmrc to disable npm lifecycle scripts and add SECURITY.md with vulnerability reporting guidelines
  • 📦 Update CI Node.js matrix to v22, v24, and v26
  • 📦 Switch from the abandoned npm-run-all to npm-run-all2 and update dev dependencies
  • 📦 Update GitHub Actions (checkout, setup-node) and pin them via pinact; remove the deprecated dependabot config

Full Changelog: photostructure/mkver@v4.3.1...v5.0.0

Changelog

Sourced from mkver's changelog.

v5.0.1

  • 📦 Upgrade dev toolchain to TypeScript 6.0 and ESLint 10, and refresh dev dependencies
  • 📦 Migrate tsconfig.json to moduleResolution: "bundler" with an explicit types list (TypeScript 6.0 no longer auto-discovers @types)
  • 📦 Pass --ignoreConfig when compiling generated .ts fixtures in tests (TypeScript 6.0 now errors with TS5112 when files are given on the command line alongside a tsconfig.json)

v5.0.0

  • 💔 Drop support for Node.js v20 (EOL). mkver now requires Node.js v22 or later.
  • 📦 Security hardening: add .npmrc to disable npm lifecycle scripts and add SECURITY.md with vulnerability reporting guidelines
  • 📦 Update CI Node.js matrix to v22, v24, and v26
  • 📦 Switch from the abandoned npm-run-all to npm-run-all2 and update dev dependencies
  • 📦 Update GitHub Actions (checkout, setup-node) and pin them via pinact; remove the deprecated dependabot config

v4.3.0

  • ✨ Added --version and -v CLI flags to display version number

v4.2.0

  • ✨ Enhanced git error handling with user-friendly, actionable error messages for common failure scenarios:
    • git not available
    • Running outside a git repository
    • Running in a git repository with no commits
  • 📦 Added comprehensive test coverage for git prerequisite failure modes and CLI flags
  • 📦 Support for GIT environment variable to override git command (useful for testing)

v4.1.0

  • 🐞 Fix #49, which required semver to be added as a proper dependency, and the path to mkver to be fixed. Thanks, Rob van der Leek!

v4.0.3

  • 📦 Update GitHub Actions to publish via OIDC

v4.0.2

  • ✨ Add ESLint configuration for JavaScript and TypeScript linting
  • 📦 Fix cross-platform TypeScript compilation in tests using npx
  • 📦 Update GitHub Actions workflows to use numeric Node.js versions

v4.0.1

  • 💔 Drop Node.js v18 and v21 support

  • ✨ Add .cjs file extension support for explicit CommonJS output

  • 📦 add Node.js v22, v23, and v24 support

  • 📦 Switch CI workflow from yarn to npm

  • 🐞 Enhance error handling for file creation and TypeScript compilation in tests

  • 🐞 Fix Windows test compatibility issues (reverted ESM migration due to test breakage)

... (truncated)

Commits
  • cd3419c chore(release): 5.0.1
  • bf19648 chore(deps): upgrade to TypeScript 6.0 and ESLint 10, refresh dev deps
  • feb9fca chore(codeql): update CodeQL action versions to v4.36.2
  • 3e575b7 chore(changelog): update to v5.0.0 with Node.js v22+ support and security enh...
  • 0b5cb68 refactor(build.yml): skip build and test steps before publishing (they alread...
  • 0ce7b17 chore(workflows): update actions/checkout and actions/setup-node versions
  • 9f0fe77 chore(release): 5.0.0
  • dbbfe3d fix(package.json): update Node.js engine requirement to >=22
  • a6df9ee chore(build.yml): update Node.js versions to 22, 24, and 26
  • 0b640c0 fix(build.yml): add explicit build/lint steps for ignore-scripts compatibility
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [mkver](https://github.com/photostructure/mkver) from 4.3.1 to 5.0.1.
- [Release notes](https://github.com/photostructure/mkver/releases)
- [Changelog](https://github.com/photostructure/mkver/blob/main/CHANGELOG.md)
- [Commits](photostructure/mkver@v4.3.1...v5.0.1)

---
updated-dependencies:
- dependency-name: mkver
  dependency-version: 5.0.1
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 11, 2026
@github-actions github-actions Bot added the Stale label Jul 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code Stale

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants