@commitlint/cli has a new version, 19.5.0, released on September 11, 2024, succeeding version 19.4.1 released on August 28, 2024. Both versions serve the purpose of linting commit messages. Key differences lie in the dependencies. Version 19.5.0 replaces "execa" with "tinyexec" and brings updates to several @commitlint dependencies to version 19.5.0, including @commitlint/lint, @commitlint/load, @commitlint/read, @commitlint/types, and @commitlint/format. In contrast, version 19.4.1 uses older versions of these packages, such as @commitlint/load and @commitlint/read at 19.4.0, @commitlint/types at 19.0.3 and @commitlint/format at 19.3.0. The developer dependencies also get an update with @commitlint/test and @commitlint/utils moving to version 19.5.0 in the newest release. Package size slightly increased from version 19.4.1 with 31182 unpacked size to version 19.5.0 with unpacked size 32374.
For developers, this means upgrading to 19.5.0 will introduce "tinyexec", potentially impacting how external commands are executed and offering a possibly lighter dependency footprint compared to "execa". The synchronized updates across the core @commitlint libraries suggest bug fixes, performance improvements, or new features within the linting process itself. Therefore, developers should assess "tinyexec's" behavior and review the changes within the updated @commitlint libraries to ensure compatibility and leverage any new functionalities. Be aware of slight size increases in the module.
The are not vulnerabilities for the version 19.5.0 of the package @commitlint/cli
