chore(deps): update semantic-release monorepo (major)

[renovate]

This PR contains the following updates:

Package	Change	Age	Confidence
@semantic-release/github	11.0.6 -> 12.0.2
@semantic-release/npm	12.0.2 -> 13.1.3
semantic-release	24.2.9 -> 25.0.2

---

Release Notes

semantic-release/github (@​semantic-release/github)

v12.0.2

Compare Source

Bug Fixes

• add undici ProxyAgent support for GitHub Enterprise Server behind proxies (#​1104) (15def77)

v12.0.1

Compare Source

Bug Fixes

• deps: update dependency @​octokit/plugin-paginate-rest to v14 (#​1112) (8df8d4a)

v12.0.0

Compare Source

Features

• node-versions: drop support for node versions v20, v21, and v23 (6e2ac27)
• node-versions: raise the minimum node version requirement for the v24 range (4d6924d)
• remove github search api consumption (#​1037) (d260bfd), closes #​1022

BREAKING CHANGES

• node-versions: the minimum node version for the v24 range is now v24.10.0
• @semantic-release/github no longer consumes the GitHub Search API in the plugin
• node-versions: a minimum of node v22.14 is now required

semantic-release/npm (@​semantic-release/npm)

v13.1.3

Compare Source

v13.1.2

Compare Source

Bug Fixes

• deps: update dependency read-pkg to v10 (#​1032) (f3f1a00)

v13.1.1

Compare Source

Bug Fixes

• publish-dry-run: temporarily remove the addition of dry-running the publish step (30bd176)

v13.1.0

Compare Source

Features

• trusted-publishing: verify auth, considering OIDC vs tokens from various registries (e3319f1), closes #​958
• trusted-publishing: refine the messages for related errors (316ce21), closes #​958
• trusted-publishing: make request to verify if OIDC token exchange can succeed (c80ecb0), closes #​958
• trusted-publishing: pass id-token as bearer header for github actions (d83b727), closes #​958
• trusted-publishing: pass id-token as bearer header for gitlab pipelines (6d1c3cf), closes #​958
• trusted-publishing: handle failure to retrieve id-token in the context of github actions (b673257), closes #​958
• auth-error: update messaging for auth failure to be less token specific (e24967d)
• auth: attempt a dry-run publish to determine auth status (841dc67)

Bug Fixes

• trusted-publishing: uri encode the package name for the token exchange request (3dd95d0), closes #​958
• auth: throw appropriate error when auth context fails to enable publishing (f5c8d85)
• auth: throw error if dry-run publish determines lack of auth (8f88e9d)
• verify-auth: enable the publish dry-run to work for projects publishing from a sub-directory (e7d684c)

v13.0.0

Compare Source

Features

• node-versions: drop support for node versions v20, v21, and v23
• node-versions: raise the minimum node version requirement for the v24 range (935439e)

Bug Fixes

• deps: update npm to v11 (debc7c5), closes #​966 #​966
• deps: update to the latest version of npm (1b25d6c)

BREAKING CHANGES

• node-versions: the minimum node version for the v24 range is now v24.10.0
• deps: a minimum of node v22.14 is now required

semantic-release/semantic-release (semantic-release)

v25.0.2

Compare Source

Bug Fixes

• deps: update dependency read-package-up to v12 (#​3935) (1494cb9)

v25.0.1

Compare Source

Bug Fixes

• deps: update to the latest version of the npm plugin to add trusted publishing support (fad173e), closes semantic-release/npm#958

v25.0.0

Compare Source

Bug Fixes

• deps: update dependency hosted-git-info to v9 (9fa04f8)
• deps: update dependency yargs to v18 (#​3745) (cde9a72)
• deps: update to the stable version of the github plugin (f12cf81)
• deps: update to the stable version of the release-notes-generator plugin (d9def72)
• deps: updated to the stable version of the commit-analyzer plugin (291533b)
• deps: upgrade to the new major version of the npm plugin, which upgrades npm to v11 for publishing (1be8290)

Features

• node-versions: drop support for node versions v20, v21, and v23 (56d16f4)
• node-versions: raise the minimum node version for the v24 range (116a188)

BREAKING CHANGES

• node-versions: the minimum node version for the v24 range is now v24.10.0
• node-versions: a minimum of node v22.14 is now required

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	@​semantic-release/​github@​11.0.6 ⏵ 12.0.2
	semantic-release@​24.2.9 ⏵ 25.0.2
	@​semantic-release/​npm@​12.0.2 ⏵ 13.1.3

View full report

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}