chore: 🔖 release new versions

[github-actions]

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@redocly/cli@2.21.0

Minor Changes

• Added a new option to the filter-in decorator, allowing to filter through specific target nodes (PathItem or Operation).
• Added a new option to the filter-out decorator, allowing to filter through specific target nodes (PathItem or Operation).
• Added support for the NO_PROXY environment variable.

Patch Changes

• Updated @redocly/openapi-core to v2.21.0.

@redocly/openapi-core@2.21.0

Minor Changes

• Added a new option to the filter-in decorator, allowing to filter through specific target nodes (PathItem or Operation).
• Added a new option to the filter-out decorator, allowing to filter through specific target nodes (PathItem or Operation).

@redocly/respect-core@2.21.0

Patch Changes

• Updated @redocly/openapi-core to v2.21.0.

[github-actions]

Coverage Report

Status	Category	Percentage	Covered / Total
🔵	Lines	79.27% (🎯 79%)	6436 / 8119
🔵	Statements	78.72% (🎯 78%)	6655 / 8453
🔵	Functions	82.5% (🎯 82%)	1316 / 1595
🔵	Branches	71.24% (🎯 71%)	4401 / 6177

File Coverage

No changed files found.

Generated in workflow #8941 for commit 6d206ef by the Vitest Coverage Report Action

[github-actions]

CLI Version	Mean Time ± Std Dev (s)	Relative Performance (Lower is Faster)
cli-2.0.0	3.468s ± 0.054s	▓ 1.02x
cli-2.03.1	3.488s ± 0.037s	▓ 1.02x
cli-2.08.0	3.537s ± 0.036s	▓▓ 1.04x
cli-2.11.1	3.597s ± 0.037s	▓▓ 1.06x
cli-2.12.0	3.629s ± 0.027s	▓▓ 1.06x
cli-2.12.2	3.511s ± 0.031s	▓ 1.03x
cli-2.13.0	3.511s ± 0.026s	▓ 1.03x
cli-2.14.1	3.583s ± 0.032s	▓▓ 1.05x
cli-2.14.2	3.424s ± 0.035s	▓ 1.00x
cli-2.19.2	3.439s ± 0.031s	▓ 1.01x
cli-2.20.1	3.433s ± 0.028s	▓ 1.01x
cli-latest	3.408s ± 0.027s	▓ 1.00x (Fastest)
cli-next	3.454s ± 0.029s	▓ 1.01x

[enderax]

🔍 Container Security Scan Results 🔴

Image: redocly/cli@sha256:f96501f28298fbab9729985cff35ce0374e17fa0739230127dd92e16754bd114
Status: CRITICAL vulnerabilities found

Vulnerability Summary

Severity	Total	OS Packages	Libraries	Status
🔴 Critical	1	1	0	❌
:large_orange_circle: High	4	0	4	⚠️
🟡 Medium	9	-	-	ℹ️
⚪ Low	1	-	-	ℹ️

Top Vulnerabilities

Severity	CVE	Package	Version	Fix Available
💥 🔴 CRITICAL	UNKNOWN	zlib	1.3.1-r2	1.3.2-r0
💥 :large_orange_circle: HIGH	UNKNOWN	minimatch	10.2.2	10.2.3
💥 :large_orange_circle: HIGH	UNKNOWN	minimatch	10.2.2	10.2.3
:large_orange_circle: HIGH	UNKNOWN	tar	7.5.9	7.5.11
:large_orange_circle: HIGH	UNKNOWN	tar	7.5.9	7.5.10

💥 = Public exploit available

🔧 Recommended Actions

OS Package Vulnerabilities (1 Critical, 0 High):

• Use minimal base images (e.g., alpine, distroless)
• Update base image to latest version
• Example: FROM alpine:3.19 -> FROM alpine:3.20

Library Vulnerabilities (0 Critical, 4 High):

• Update dependencies in your package manager (package.json, requirements.txt, go.mod, etc.)
• Pin specific versions instead of tags for reproducible builds
• Example: alpine:3 (tag) -> alpine:3.19.1 (pinned version)

Attestation

✅ Binary Authorization attestation created - image approved for deployment

---

Build ID: 5ca85454-a963-4065-812f-8ab1b07a937c
Resources: Container Security Best Practices