Skip to content

Bump @changesets/cli from 2.30.0 to 2.31.0#2879

Merged
whitphx merged 1 commit intomainfrom
dependabot/npm_and_yarn/changesets/cli-2.31.0
Apr 28, 2026
Merged

Bump @changesets/cli from 2.30.0 to 2.31.0#2879
whitphx merged 1 commit intomainfrom
dependabot/npm_and_yarn/changesets/cli-2.31.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 24, 2026
edited
Loading

Bumps @changesets/cli from 2.30.0 to 2.31.0.

Release notes

Sourced from @​changesets/cli's releases.

@​changesets/cli@​2.31.0

Minor Changes

  • #1889 96ca062 Thanks @​mixelburg! - Error on unsupported flags for individual CLI commands and print the matching command usage to make mistakes easier to spot.

  • #1873 42943b7 Thanks @​mixelburg! - Respond to --help on all subcommands. Previously, --help was only handled when it was the sole argument; passing it alongside a subcommand (e.g. changeset version --help) would silently execute the command instead. Now --help always exits early and prints per-command usage when a known subcommand is provided, or the general help text otherwise.

Patch Changes

  • d2121dc Thanks @​Andarist! - Fix npm auth for path-based registries during publish by preserving configured registry URLs instead of normalizing them.

  • #1888 036fdd4 Thanks @​mixelburg! - Fix several changeset version issues with workspace protocol dependencies. Valid explicit workspace: ranges and aliases are no longer rewritten unnecessarily, and workspace path references are handled correctly during versioning.

  • #1903 5c4731f Thanks @​Andarist! - Gracefully handle stale npm info data leading to duplicate publish attempts.

  • #1867 f61e716 Thanks @​Andarist! - Improved detection for published state of prerelease-only packages without latest dist-tag on GitHub Packages registry.

  • Updated dependencies [036fdd4, 036fdd4, 036fdd4]:

    • @​changesets/assemble-release-plan@​6.0.10
    • @​changesets/get-dependents-graph@​2.1.4
    • @​changesets/apply-release-plan@​7.1.1
    • @​changesets/get-release-plan@​4.0.16
    • @​changesets/config@​3.1.4
Commits
  • 9cce6db Version Packages (#1897)
  • d2121dc Fix npm auth for path-based registries during publish by preserving configure...
  • 036fdd4 Fix several changeset version issues with workspace protocol dependencies (...
  • 5c4731f Gracefully handle stale npm info data leading to duplicate publish attempts...
  • 96ca062 Error on unsupported flags for individual CLI commands (#1889)
  • 42943b7 fix(cli): respond to --help on all subcommands (#1873)
  • f61e716 Improved detection for published state of prerelease-only packages without ...
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Apr 24, 2026
@changeset-bot
Copy link
Copy Markdown

changeset-bot Bot commented Apr 24, 2026
edited
Loading

⚠️ No Changeset found

Latest commit: 247673d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 24, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
npm/@babel/runtime 7.29.2 🟢 7
Details
CheckScoreReason
Code-Review🟢 8Found 24/30 approved changesets -- score normalized to 8
Packaging⚠️ -1packaging workflow not detected
Maintained🟢 1030 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10
Security-Policy🟢 10security policy file detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 2badge detected: InProgress
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
npm/@changesets/apply-release-plan 7.1.1 🟢 6.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 7Found 21/28 approved changesets -- score normalized to 7
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 4security policy file detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@changesets/assemble-release-plan 6.0.10 🟢 6.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 7Found 21/28 approved changesets -- score normalized to 7
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 4security policy file detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@changesets/cli 2.31.0 🟢 6.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 7Found 21/28 approved changesets -- score normalized to 7
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 4security policy file detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@changesets/config 3.1.4 🟢 6.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 7Found 21/28 approved changesets -- score normalized to 7
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 4security policy file detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@changesets/get-dependents-graph 2.1.4 🟢 6.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 7Found 21/28 approved changesets -- score normalized to 7
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 4security policy file detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
npm/@changesets/get-release-plan 4.0.16 🟢 6.2
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 7Found 21/28 approved changesets -- score normalized to 7
Packaging⚠️ -1packaging workflow not detected
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Security-Policy🟢 4security policy file detected
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 4branch protection is not maximal on development and all release branches
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • package-lock.json

@whitphx
Copy link
Copy Markdown
Owner

whitphx commented Apr 28, 2026

@dependabot rebase

@dependabot
Bump @changesets/cli from 2.30.0 to 2.31.0
247673d 
Bumps [@changesets/cli](https://github.com/changesets/changesets) from 2.30.0 to 2.31.0.
- [Release notes](https://github.com/changesets/changesets/releases)
- [Commits](https://github.com/changesets/changesets/compare/@changesets/cli@2.30.0...@changesets/cli@2.31.0)

---
updated-dependencies:
- dependency-name: "@changesets/cli"
  dependency-version: 2.31.0
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/changesets/cli-2.31.0 branch from 8d3b2a8 to 247673d Compare April 28, 2026 05:35
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Apr 28, 2026

VSIX File Tree

Archive:  /home/runner/work/_temp/emacs-mcx/emacs-mcx-2ca33e31ea34cfdb27bdcdc86a9a3e22fe5a2c63-25035858506-1292.vsix
  Length      Date    Time    Name
---------  ---------- -----   ----
     3038  2026-04-28 06:05   extension.vsixmanifest
      517  2026-04-28 06:05   [Content_Types].xml
   312626  2026-04-28 06:04   extension/package.json
    49843  2026-04-28 06:05   extension/readme.md
    15443  2026-04-28 06:04   extension/LICENSE.txt
    65145  2026-04-28 06:05   extension/changelog.md
    12664  2026-04-28 06:04   extension/images/icon.svg
    23256  2026-04-28 06:04   extension/images/icon.png
   285403  2026-04-28 06:05   extension/dist/extension.js
   135586  2026-04-28 06:05   extension/dist/web/extension.js
---------                     -------
   903521                     10 files

@whitphx whitphx merged commit 74ba5d9 into main Apr 28, 2026
14 of 15 checks passed
@whitphx whitphx deleted the dependabot/npm_and_yarn/changesets/cli-2.31.0 branch April 28, 2026 11:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@whitphx