@commitlint/cli has been updated from version 18.6.1 to 19.0.0, bringing notable changes for developers focused on commit message linting. A primary difference lies in the updated dependencies. Version 19.0.0 features newer versions of key packages like execa (upgraded from ^5.0.0 to ^8.0.1). This upgrade likely brings performance improvements and newer feature sets from execa, which is crucial for executing commands within the linting process.
Furthermore, the core @commitlint libraries have all been bumped to version 19.0.0. @commitlint/lint, @commitlint/load, @commitlint/read, @commitlint/types, and @commitlint/format. This consistent versioning across core packages suggests a coordinated release with potential bug fixes and feature enhancements across the entire @commitlint ecosystem which guarantees better compatibility. Conversely, version 18.6.1 depended on lodash.isfunction, which is no longer present in the dependencies of version 19.0.0. This hints at a refactoring of the codebase, perhaps replacing lodash functionality with native JavaScript alternatives for improved performance or reduced bundle size.
The resolve-global dependency has also been updated significantly from version 1.0.0 to ^2.0.0, potentially affecting how globally installed configurations are resolved. Developers relying on global configurations should test carefully when upgrading. The devDependencies also see an upgrade in @types/node going from version 18.11.9 to 18.19.17 and changes in the @commitlint/test depending on version number (18.0.0 to 19.0.0).
Overall, the upgrade from 18.6.1 to 19.0.0 focuses on dependency updates, internal refactoring, and potential performance improvements. Developers should thoroughly examine potentially breaking changes and test their configurations to ensure a smooth transition with commitlint.
The are not vulnerabilities for the version 19.0.0 of the package @commitlint/cli
