[renovate] Update all dependencies (major)

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
@semantic-release/commit-analyzer	^8.0.1 -> ^13.0.1
@semantic-release/git	^9.0.0 -> ^10.0.1
@semantic-release/npm	^7.1.0 -> ^13.1.2
babel-plugin-module-resolver	^4.1.0 -> ^5.0.2
chai (source)	^4.3.4 -> ^6.2.1
chai-as-promised	^7.1.1 -> ^8.0.2
eslint (source)	^7.23.0 -> ^9.39.1
mocha (source)	^8.3.2 -> ^11.7.5
nyc (source)	^15.1.0 -> ^17.1.0
semantic-release	19 -> 25.0.2
sinon (source)	^10.0.0 -> ^21.0.0
sinon-chai	^3.6.0 -> ^4.0.1
sort-any	^2.0.0 -> ^4.0.7

---

Release Notes

semantic-release/commit-analyzer (@​semantic-release/commit-analyzer)

v13.0.1

Compare Source

Bug Fixes

• deps: update dependency import-from-esm to v2 (#​741) (f106b76)

v13.0.0

Compare Source

Bug Fixes

• log the raw message again (e2f5d6c)

Features

• support latest conventional-changelog packages (0254d7a)

BREAKING CHANGES

• by supporting the latest major versions of conventional-changelog packages, we are
  dropping support for previous major versions of those packages due to the breaking changes between
  majors. this only impacts your project if you are installing alongside semantic-release, so updating
  those packages to latest version should be the only change you need for this update. no action
  should be necessary if you are using default semantic-release config

v12.0.0

Compare Source

Features

• exports: defined exports to point at ./index.js (f3358dd)
• node-versions: dropped support for node v18 and v19 (0a23b82)

BREAKING CHANGES

• exports: exports has been defined, which prevents access to private apis (which arent
  intended for consumption anyway)
• node-versions: node v18 and v19 are no longer supported

v11.1.0

Compare Source

Features

• add support for ESM presets (#​537) (9dc87e0)

v11.0.0

Compare Source

Bug Fixes

• config-loader: accounted for normalization of preset interfaces (3ff9458)
• deps: update dependency conventional-commits-filter to v4 (99dcf7e)

Features

• conventional-changelog-presets: supported new preset format (f3b88d3)
• node-versions: raised the minimum node version to v18.17 and dropped v19 support (a681fbd)

BREAKING CHANGES

• node-versions: the minimum required node version is now v18.17, v19 support has been dropped, and the minimum required in the v20 range is v20.6.1
• conventional-changelog-presets: the new preset format is a breaking change when compared to the previous preset format. updating to support the new format means that the old preset format is no longer supported. update your preset to the latest version to maintain compatibility

v10.0.4

Compare Source

Bug Fixes

• deps: update dependency conventional-commits-parser to v5 (a7201b6)

v10.0.3

Compare Source

Reverts

• Revert "fix(deps): update dependency conventional-commits-parser to v5 (#​501)" (ab3ee9f), closes #​501
• Revert "chore(deps): update dependency conventional-changelog-atom to v4 (#​502)" (f21eb8e), closes #​502
• Revert "chore(deps): update dependency conventional-changelog-ember to v4 (#​504)" (c48b533), closes #​504

v10.0.2

Compare Source

Bug Fixes

• deps: update dependency conventional-commits-parser to v5 (#​501) (91cf4d5)

v10.0.1

Compare Source

Bug Fixes

• deps: update dependency conventional-changelog-angular to v6 (#​460) (0607201)
• deps: update dependency conventional-commits-filter to v3 (#​461) (97d683f)
• deps: update dependency conventional-commits-parser to v4 (#​462) (5d94efa)

v10.0.0

Compare Source

Code Refactoring

• esm: converted the package to esm (b4f9865), closes #​296

Features

• deps: raised the peer-dependency requirement on semantic-release to v20.1.0 (e1ab8ea)
• node-versions: raised the minimum required node version to v18 (affeb23)

BREAKING CHANGES

• deps: the minimum required version of semantic-release is now v20.1.0 in order to support
  loading ESM plugins
• node-versions: the minimum required version of node is now v18
• esm: @semantic-release/commit-analyzer is now a native ES Module. It has named exports
  for each plugin hook (analyzeCommits)

v9.0.2

Compare Source

Bug Fixes

• bump conventional commits parser to version 3.2.3 (#​289) (fc0a88a)

v9.0.1

Compare Source

Bug Fixes

• deps: update dependency import-from to v4 (#​235) (2da0011)

v9.0.0

Compare Source

Features

• raise minimum version of Node to v14.17 (#​248) (6eeaeb2)

BREAKING CHANGES

• the minimum required version of node is now v14.17

semantic-release/git (@​semantic-release/git)

v10.0.1

Compare Source

Bug Fixes

• deps: update dependency @​semantic-release/error to v3 (#​295) (3e934d4)

v10.0.0

Compare Source

Features

• node-version: raised the minimum required version to v14.17 (7ab65f8)

BREAKING CHANGES

• node-version: the minimum required version of node is now v14.17

v9.0.1

Compare Source

Bug Fixes

• deps: update dependency execa to v5 (#​228) (f536d60)

semantic-release/npm (@​semantic-release/npm)

v13.1.2

Compare Source

Bug Fixes

• deps: update dependency read-pkg to v10 (#​1032) (f3f1a00)

v13.1.1

Compare Source

Bug Fixes

• publish-dry-run: temporarily remove the addition of dry-running the publish step (30bd176)

v13.1.0

Compare Source

Features

• trusted-publishing: verify auth, considering OIDC vs tokens from various registries (e3319f1), closes #​958
• trusted-publishing: refine the messages for related errors (316ce21), closes #​958
• trusted-publishing: make request to verify if OIDC token exchange can succeed (c80ecb0), closes #​958
• trusted-publishing: pass id-token as bearer header for github actions (d83b727), closes #​958
• trusted-publishing: pass id-token as bearer header for gitlab pipelines (6d1c3cf), closes #​958
• trusted-publishing: handle failure to retrieve id-token in the context of github actions (b673257), closes #​958
• auth-error: update messaging for auth failure to be less token specific (e24967d)
• auth: attempt a dry-run publish to determine auth status (841dc67)

Bug Fixes

• trusted-publishing: uri encode the package name for the token exchange request (3dd95d0), closes #​958
• auth: throw appropriate error when auth context fails to enable publishing (f5c8d85)
• auth: throw error if dry-run publish determines lack of auth (8f88e9d)
• verify-auth: enable the publish dry-run to work for projects publishing from a sub-directory (e7d684c)

v13.0.0

Compare Source

Features

• node-versions: drop support for node versions v20, v21, and v23
• node-versions: raise the minimum node version requirement for the v24 range (935439e)

Bug Fixes

• deps: update npm to v11 (debc7c5), closes #​966 #​966
• deps: update to the latest version of npm (1b25d6c)

BREAKING CHANGES

• node-versions: the minimum node version for the v24 range is now v24.10.0
• deps: a minimum of node v22.14 is now required

v12.0.2

Compare Source

Bug Fixes

• deps: update npm to ^10.9.3 (#​972) (93e0937)

v12.0.1

Compare Source

Bug Fixes

• deps: update dependency execa to v9 (9ac5ed0)

v12.0.0

Compare Source

Features

• exports: defined exports to point at ./index.js (9e193c2)
• node-versions: dropped support for node v18 and v19 (2df962b)

BREAKING CHANGES

• exports: exports has been defined, which prevents access to private apis (which arent
  intended for consumption anyway)
• node-versions: node v18 and v19 are no longer supported

v11.0.3

Compare Source

Bug Fixes

• deps: raised the minimum accepted range of npm to v10.5.0 (#​759) (a0313f8), closes semantic-release/semantic-release#3202

even though our existing range allowed anyone to update as soon as the new npm version was available, this will encourage being on a version that does not report the ip vulnerability a bit more forcefully

v11.0.2

Compare Source

Bug Fixes

• deps: update dependency npm to v10.2.5 (42b5dec)

v11.0.1

Compare Source

Bug Fixes

• deps: update dependency read-pkg to v9 (#​703) (6e84013)

v11.0.0

Compare Source

Bug Fixes

• deps: update dependency npm to v10 (819f257)

Features

• node-versions: raised the minimum required node version to v18.17 and dropped v19 support (6413130)

BREAKING CHANGES

• node-versions: node v18.17 is now the minimum required version and support for v19 has been dropped

v10.0.6

Compare Source

Bug Fixes

• deps: update dependency aggregate-error to v5 (#​676) (f2bc9e7)

v10.0.5

Compare Source

Bug Fixes

• deps: update dependency execa to v8 (#​659) (502d5ba)

v10.0.4

Compare Source

Bug Fixes

• deps: update dependency @​semantic-release/error to v4 (#​628) (53a1012)

v10.0.3

Compare Source

Bug Fixes

• deps: update dependency read-pkg to v8 (#​602) (aaddc5c)

v10.0.2

Compare Source

Bug Fixes

• deps: update dependency fs-extra to v11.1.1 (#​591) (31e0e27)

v10.0.1

Compare Source

Bug Fixes

• deps: update dependency execa to v7 (#​575) (4c11706)

v10.0.0

Compare Source

Bug Fixes

• aggregate-error: upgraded to the latest version (7285e05)
• deps: upgraded npm to v9 (2a79f80)
• execa: upgraded to the latest version (7c74660)
• normalize-url: upgraded to the latest version (b55bb01)
• remove support for legacy auth (51ab3c8)
• tempy: upgraded to the latest version of tempy (f1992a5)

Code Refactoring

• esm: converted the package to esm (2d8ff15)

Features

• node-versions: dropped support for node versions below v18 (aff3574)
• semantic-release-peer: raised the minimum peer requirement to the first version that supports loading esm plugins (22e70ad)

BREAKING CHANGES

• deps: the direct dependency on npm has been upgraded to v9. details of breaking changes
  can be found at https://github.com/npm/cli/releases/tag/v9.0.0
• semantic-release-peer: the required version of semantic-release has been
  raised to v20.1.0 in order to support loading of ESM plugins
• aggregate-error: due to the aggregate-error upgrade, thrown errors are no longer iterable, but instead list the errors under an errors property
• legacy authentication using NPM_USERNAME and NPM_PASSWORD is no longer supported. Use NPM_TOKEN instead.
• node-versions: node v18 is now the minimum required node version
• esm: @semantic-release/npm is now a native ES Module. It
  has named exports for each plugin hook (verifyConditions, prepare,
  publish, addChannel)

v9.0.2

Compare Source

Bug Fixes

• deps: update dependency fs-extra to v11 (7157d76)
• deps: update dependency npm to v9 (28265ec)
• deps: update dependency registry-auth-token to v5 (187671f)
• revert): "fix(deps: update dependency npm to v9" (#​561) (c28a848)

v9.0.1

Compare Source

Bug Fixes

• add missed preferLocal option for execa call (#​458) (c817a88)

v9.0.0

Compare Source

Bug Fixes

• add preferLocal option to allow execa to use local npm version (#​445) (002439e)
• updated the peer requirement for semantic-release to the new stable version (575a5a4)
• updated the peer requirement on semantic-release to a version matching the engines definition of this package (2d1f5f2)
• upgrade npm dependency to v8 (a12d6e5)

BREAKING CHANGES

• the minimum required peer of semantic-release has been raised to match the engines.node requirements of this package
• npm v8 dropped support for node v15, so it is no longer supported in this plugin. this should be low impact since node v15 is already EOL

Co-authored-by: Matt Travi programmer@travi.org

v8.0.3

Compare Source

Reverts

• Revert "chore(deps): update dependency p-retry to v5 (#​424)" (#​425) (df11027), closes #​424 #​425

v8.0.2

Compare Source

Bug Fixes

• README: correct docs on authentication (#​413) (f089d9d)

v8.0.1

Compare Source

Bug Fixes

• deps: update dependency @​semantic-release/error to v3 (#​402) (60832fb)

v8.0.0

Compare Source

Features

• node-version: raised the minimum required version to v14.17 (#​387) (#​399) (f65e49d)

BREAKING CHANGES

• node-version: the minimum required version of node is now v14.17

Co-authored-by: Matt Travi programmer@travi.org

v7.1.3

Compare Source

Bug Fixes

• use NPM_CONFIG_USERCONFIG in get-registry to match auth (#​362) (13200ca)

v7.1.2

Compare Source

Bug Fixes

• deps: update dependency fs-extra to v10 (80fde1e)

v7.1.1

Compare Source

Bug Fixes

• deps: update dependency normalize-url to v6 (97ca719)

tleunen/babel-plugin-module-resolver (babel-plugin-module-resolver)

v5.0.2

Compare Source

v5.0.1

Compare Source

v5.0.0

Compare Source

⚠ BREAKING CHANGES

• Remove support for Node < 16

• Update dependencies and find-babel-config to fix json5 vulnerabilities (#​441) (c43e71c)

chaijs/chai (chai)

v6.2.1

Compare Source

What's Changed

• chore: add renovate config by @​43081j in #​1709
• chore: use new renovate schema by @​43081j in #​1713
• chore(deps): update actions/setup-node action to v5 (main) by @​renovate[bot] in #​1711
• chore(deps): update actions/checkout action to v5 (main) by @​renovate[bot] in #​1710
• chore(deps): update dependency eslint to v9 (main) by @​renovate[bot] in #​1715
• chore(deps): update dependency @​rollup/plugin-commonjs to v28 (main) by @​renovate[bot] in #​1714
• chore(deps): update dependency mocha to v11 (main) by @​renovate[bot] in #​1717
• chore(deps): update dependency eslint-plugin-jsdoc to v60 (main) by @​renovate[bot] in #​1716
• chore: disable renovate for 4.x.x by @​43081j in #​1722
• chore(deps): update dependency eslint-plugin-jsdoc to v61 by @​renovate[bot] in #​1727
• chore(deps): update actions/setup-node action to v6 by @​renovate[bot] in #​1729
• chore(deps): update dependencies by @​renovate[bot] in #​1726
• chore(deps): update dependencies by @​renovate[bot] in #​1730
• chore(deps): update dependency node to v24 by @​renovate[bot] in #​1731
• chore(deps): update dependency @​rollup/plugin-commonjs to v29 by @​renovate[bot] in #​1732
• chore(deps): update dependencies by @​renovate[bot] in #​1734
• build(deps): bump koa from 2.14.2 to 2.16.1 by @​dependabot[bot] in #​1683
• docs: update browser usage by @​43081j in #​1736
• chore(deps): update dependencies by @​renovate[bot] in #​1740
• docs: add comprehensive documentation for containSubset assertion by @​Aashish-Jha-11 in #​1739
• Set esbuild target to es2021 to support Safari < 16.4 by @​larabr in #​1737

New Contributors

• @​renovate[bot] made their first contribution in #​1711
• @​Aashish-Jha-11 made their first contribution in #​1739
• @​larabr made their first contribution in #​1737

Full Changelog: chaijs/chai@v6.2.0...v6.2.1

v6.2.0

Compare Source

What's Changed

• feat(events): add addChainableMethod event by @​perrin4869 in #​1707

Full Changelog: chaijs/chai@v6.1.0...v6.2.0

v6.1.0

Compare Source

What's Changed

• build(deps-dev): bump tar-fs from 3.0.9 to 3.1.1 by @​dependabot[bot] in #​1706
• feat: add eventEmitter (#​1693)
  Adds an event emitter for hooking into method/property creation in #​1693

Full Changelog: chaijs/chai@v6.0.2...v6.1.0

v6.0.1

Compare Source

What's Changed

• fix: keep function/class names in bundle by @​43081j in #​1701

Full Changelog: chaijs/chai@v6.0.0...v6.0.1

v6.0.0

Compare Source

BREAKING CHANGES

Chai is now bundled into a single file. The lib/*.js files are no longer present, and so any code that imports those files directly will need to change. The only file that can be imported now is ./index.js.

What's Changed

• feat: remove unbundled sources by @​43081j in #​1700

Full Changelog: chaijs/chai@v5.3.2...v6.0.0

v5.3.3

Compare Source

What's Changed

• fix: keep names in bundle by @​43081j in #​1702
• chore: support publishing v5 by @​43081j in #​1703
• chore: update npm tag name by @​43081j in #​1704

Full Changelog: chaijs/chai@v5.3.2...v5.3.3

v5.3.2

Compare Source

Reverts the removal of the bundled version of chai in 5.3.1

What's Changed

• Update core contributors by @​keithamus in #​1697
• feat: reintroduce bundle by @​43081j in #​1699

Full Changelog: chaijs/chai@v5.3.1...v5.3.2

v5.3.1

Compare Source

What's Changed

• chore: remove bundled chai by @​43081j in #​1694

Full Changelog: chaijs/chai@v5.3.0...v5.3.1

v5.3.0

Compare Source

What's Changed

• chore: change main to point at chai directly by @​43081j in #​1696

Full Changelog: chaijs/chai@v5.2.2...v5.3.0

v5.2.2

Compare Source

What's Changed

• chore: use files for publishing by @​43081j in #​1695

Full Changelog: chaijs/chai@v5.2.1...v5.2.2

v5.2.1

Compare Source

What's Changed

Mostly internal changes but @​SuperchupuDev realised the package.json engines field was out of date, so it has been updated to reflect that v5.0.0 onwards only supports Node >=18.

• build(deps): bump serialize-javascript and mocha by @​dependabot in #​1673
• build(deps-dev): bump esbuild from 0.19.10 to 0.25.0 by @​dependabot in #​1671
• Enable no-var rule and fix violations by @​koddsson in #​1675
• Convert Assertion function to a class by @​koddsson in #​1677
• More typing by @​koddsson in #​1679
• build(deps-dev): bump tar-fs from 3.0.6 to 3.0.8 by @​dependabot in #​1682
• build(deps-dev): bump tar-fs from 3.0.8 to 3.0.9 by @​dependabot in #​1688
• chore: fix lint errors and add lint to CI by @​43081j in #​1689
• docs: update minimum node version in readme by @​SuperchupuDev in #​1691
• chore: update minimum node version by @​SuperchupuDev in #​1692

New Contributors

• @​SuperchupuDev made their first contribution in #​1691

Full Changelog: chaijs/chai@v5.2.0...v5.2.1

v5.2.0

Compare Source

What's Changed

• fix: ability to register more plugins inside a plugin by @​tpluscode in #​1639
• chore: bump playwright to fix CI by @​43081j in #​1663
• chore: introduce prettier and run it by @​43081j in #​1660
• chore: drop old CJS entrypoints by @​43081j in #​1662
• chore: enable eslint recommended config by @​43081j in #​1659
• Integrated chai-subset and added assert-based negation to containSubset by @​BreadInvasion in #​1664
• Add coverage check to tests by @​koddsson in #​1669
• fix floating point precision in closeTo

---

Configuration

📅 Schedule: Branch creation - "after 7am on saturday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.