[Snyk] Security upgrade semantic-release from 19.0.3 to 22.0.0

[DamionWaltermeyer]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `npm` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • package.json
• package-lock.json

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Breaking Change	Exploit Maturity
	479/1000 Why? Has a fix available, CVSS 5.3	Regular Expression Denial of Service (ReDoS) SNYK-JS-MINIMATCH-3050818	Yes	No Known Exploit
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Regular Expression Denial of Service (ReDoS) SNYK-JS-SEMVER-3247795	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Commit messages

Package name: semantic-release

The new version differs by 238 commits.

• 11788ed Merge pull request #2934 from semantic-release/beta
• b93bef4 feat(node-versions): raised the minimum supported node version w/in the v20 range to v20.6.1
• 6604153 Merge branch 'master' of github.com:semantic-release/semantic-release into beta
• e623cc6 feat(node-versions): raised the minimum node v20 requirement to v20.6
• 42f7b82 chore(deps): update dependency testdouble to v3.19.0 (#2961)
• 1017e1a fix(deps): update dependency aggregate-error to v5 (#2956)
• a23b718 fix(deps): upgraded to the latest version of the npm plugin with npm v10
• fb850ff Merge branch 'master' of github.com:semantic-release/semantic-release into beta
• b9f294d feat(node-versions): raised the minimum required node version to v18.17 and dropped v19 support
• 03a687b fix(deps): updated to the latest beta of the commit analyzer plugin
• 86a639d ci(action): update github/codeql-action action to v2.21.7 (#2958)
• da56201 chore(deps): update dependency sinon to v16 (#2954)
• 89d51e7 ci(action): update github/codeql-action action to v2.21.6 (#2953)
• de8e4e0 fix(deps): updated to the latest betas of the commit-analyzer and release-notes-generator plugins
• 0fd3bb8 chore(deps): lock file maintenance (#2948)
• c39513f ci(action): update actions/upload-artifact action to v3.1.3 (#2943)
• 6a5d961 docs(plugins): add @ terrestris/maven-semantic-release (#2939)
• 19c0965 ci(action): update actions/checkout action to v4 (#2938)
• 32a2480 chore(deps): lock file maintenance (#2936)
• 72ab317 feat: defined exports for the package
• 07a79ea feat(conventional-changelog-presets): supported new preset format
• 0d92579 chore(deps): update dependency prettier to v3.0.3 (#2930)
• cb6613e ci(action): update github/codeql-action action to v2.21.5 (#2928)
• 9e10e44 chore(deps): lock file maintenance (#2923)

See the full diff

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Note: This is a default PR template raised by Snyk. Find out more about how you can customise Snyk PRs in our documentation.

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Regular Expression Denial of Service (ReDoS)