Skip to content

chore: 🔖 release new versions#2650

Merged
DmitryAnansky merged 1 commit intomainfrom
changeset-release/main
Mar 12, 2026
Merged

chore: 🔖 release new versions#2650
DmitryAnansky merged 1 commit intomainfrom
changeset-release/main

Conversation

@github-actions
Copy link
Copy Markdown
Contributor

@github-actions github-actions Bot commented Mar 12, 2026
edited
Loading

This PR was opened by the Changesets release GitHub action. When you're ready to do a release, you can merge this and the packages will be published to npm automatically. If you're not ready to do a release yet, that's fine, whenever you add more changesets to main, this PR will be updated.

Releases

@redocly/cli@2.21.1

Patch Changes

  • Restricted scorecard-classic project URL to the .redocly.com domain only.
  • Fixed an issue where join --prefix-components-with-info-prop would incorrectly rewrite discriminator mapping refs.
    This issue occurred when schema names contained the same substring as the prefix.
  • Updated @redocly/openapi-core to v2.21.1.

@redocly/respect-core@2.21.1

Patch Changes

  • Updated @redocly/openapi-core to v2.21.1.

@redocly/openapi-core@2.21.1

@github-actions github-actions Bot requested review from a team as code owners March 12, 2026 10:12
@DmitryAnansky DmitryAnansky reopened this Mar 12, 2026
@github-actions
Copy link
Copy Markdown
Contributor Author

github-actions Bot commented Mar 12, 2026
edited
Loading

Coverage Report

Status Category Percentage Covered / Total
🔵 Lines 79.26% (🎯 79%) 6441 / 8126
🔵 Statements 78.72% (🎯 78%) 6660 / 8460
🔵 Functions 82.51% (🎯 82%) 1317 / 1596
🔵 Branches 71.22% (🎯 71%) 4401 / 6179
File CoverageNo changed files found.
Generated in workflow #8959 for commit c8c752d by the Vitest Coverage Report Action

@github-actions github-actions Bot force-pushed the changeset-release/main branch from 18418e0 to c8c752d Compare March 12, 2026 10:21
@DmitryAnansky DmitryAnansky reopened this Mar 12, 2026
@github-actions
Copy link
Copy Markdown
Contributor Author

github-actions Bot commented Mar 12, 2026
edited
Loading

CLI Version Mean Time ± Std Dev (s) Relative Performance (Lower is Faster)
cli-2.0.0 3.401s ± 0.036s ▓ 1.01x
cli-2.03.1 3.447s ± 0.016s ▓ 1.02x
cli-2.08.0 3.505s ± 0.049s ▓▓ 1.04x
cli-2.11.1 3.567s ± 0.028s ▓▓ 1.06x
cli-2.12.0 3.558s ± 0.026s ▓▓ 1.06x
cli-2.12.2 3.412s ± 0.024s ▓ 1.01x
cli-2.13.0 3.432s ± 0.024s ▓ 1.02x
cli-2.14.1 3.489s ± 0.025s ▓▓ 1.04x
cli-2.14.2 3.369s ± 0.019s ▓ 1.00x (Fastest)
cli-2.19.2 3.390s ± 0.017s ▓ 1.01x
cli-2.20.1 3.417s ± 0.029s ▓ 1.01x
cli-latest 3.417s ± 0.016s ▓ 1.01x
cli-next 3.420s ± 0.024s ▓ 1.01x

@DmitryAnansky DmitryAnansky merged commit d5f0324 into main Mar 12, 2026
43 checks passed
@DmitryAnansky DmitryAnansky deleted the changeset-release/main branch March 12, 2026 10:29
@enderax
Copy link
Copy Markdown

enderax commented Mar 12, 2026

🔍 Container Security Scan Results 🔴

Image: redocly/cli@sha256:118cd0bba83ce106bc1b690312f2b22e14e5f2d542b8ccb8b7755dcbd6518760
Status: CRITICAL vulnerabilities found

Vulnerability Summary

Severity Total OS Packages Libraries Status
🔴 Critical 1 1 0
🟠 High 4 0 4 ⚠️
🟡 Medium 9 - - ℹ️
⚪ Low 1 - - ℹ️

Top Vulnerabilities

Severity CVE Package Version Fix Available
💥 🔴 CRITICAL UNKNOWN zlib 1.3.1-r2 1.3.2-r0
💥 🟠 HIGH UNKNOWN minimatch 10.2.2 10.2.3
🟠 HIGH UNKNOWN tar 7.5.9 7.5.11

💥 = Public exploit available

🔧 Recommended Actions

OS Package Vulnerabilities (1 Critical, 0 High):

  • Use minimal base images (e.g., alpine, distroless)
  • Update base image to latest version
  • Example: FROM alpine:3.19 -> FROM alpine:3.20

Library Vulnerabilities (0 Critical, 4 High):

  • Update dependencies in your package manager (package.json, requirements.txt, go.mod, etc.)
  • Pin specific versions instead of tags for reproducible builds
  • Example: alpine:3 (tag) -> alpine:3.19.1 (pinned version)

Attestation

✅ Binary Authorization attestation created - image approved for deployment

Build ID: 92631c04-91c1-411a-b09a-649dd0546585
Resources: Container Security Best Practices

@enderax
Copy link
Copy Markdown

enderax commented Mar 12, 2026

🔍 Container Security Scan Results 🔴

Image: redocly/cli@sha256:c45095d912d40642665f5f258693f9bd0586465ba7548b5a5c28942a9a15f2fe
Status: CRITICAL vulnerabilities found

Vulnerability Summary

Severity Total OS Packages Libraries Status
🔴 Critical 1 1 0
🟠 High 4 0 4 ⚠️
🟡 Medium 9 - - ℹ️
⚪ Low 1 - - ℹ️

Top Vulnerabilities

Severity CVE Package Version Fix Available
💥 🔴 CRITICAL UNKNOWN zlib 1.3.1-r2 1.3.2-r0
💥 🟠 HIGH UNKNOWN minimatch 10.2.2 10.2.3
🟠 HIGH UNKNOWN tar 7.5.9 7.5.11

💥 = Public exploit available

🔧 Recommended Actions

OS Package Vulnerabilities (1 Critical, 0 High):

  • Use minimal base images (e.g., alpine, distroless)
  • Update base image to latest version
  • Example: FROM alpine:3.19 -> FROM alpine:3.20

Library Vulnerabilities (0 Critical, 4 High):

  • Update dependencies in your package manager (package.json, requirements.txt, go.mod, etc.)
  • Pin specific versions instead of tags for reproducible builds
  • Example: alpine:3 (tag) -> alpine:3.19.1 (pinned version)

Attestation

✅ Binary Authorization attestation created - image approved for deployment

Build ID: 958b7ec4-8607-422d-bab4-70a2eb2f15c7
Resources: Container Security Best Practices

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@DmitryAnansky DmitryAnansky DmitryAnansky approved these changes

@RomanHotsiy RomanHotsiy RomanHotsiy approved these changes

@JLekawa JLekawa JLekawa approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@enderax @DmitryAnansky @RomanHotsiy @JLekawa