@commitlint/cli version 12.0.1 is a patch release of the commit message linter, building on version 12.0.0. Both versions serve the same core purpose: enforcing commit message conventions to maintain a consistent and informative project history, ultimately benefiting collaboration and automation.
The key differences between these two versions are subtle, primarily revolving around dependency updates. Version 12.0.1 upgrades several internal @commitlint packages (@commitlint/lint, @commitlint/load, @commitlint/read, @commitlint/types, @commitlint/format) from version 12.0.0 to 12.0.1 and also updates the yargs dependency from "^16.0.0" to "^16.2.0". Additionally, the @types/yargs dev dependency is updated from "^15.0.5" to "^16.0.0".
For developers, this means that upgrading to 12.0.1 should be a relatively smooth process with minimal breaking changes expected since it's a patch update. While the core functionality remains the same, these dependency updates often include bug fixes, performance improvements, and security patches within the dependencies themselves. Therefore, upgrading is generally recommended to leverage the latest enhancements and stability improvements provided by the underlying libraries used by @commitlint/cli.
If you're currently using version 12.0.0, migrating to 12.0.1 requires a simple update of the package. Enjoy cleaner commit messages and a better Git history!
Vulnerabilities related to version 12.0.1 of the package
semver vulnerable to Regular Expression Denial of Service
Versions of the package semver before 7.5.2 on the 7.x branch, before 6.3.1 on the 6.x branch, and all other versions before 5.7.2 are vulnerable to Regular Expression Denial of Service (ReDoS) via the function new Range, when untrusted user data is provided as a range.