@jimthedev @AndersDJohnson @kentcdodds Hi, could you validate this PR so a new release of the cli can be generated? Thx

@LinusU @dmwelch Can you help? Thanks!

this PR will close the Issue #914 as the fix is merged already but not released yet

if adding me as a maintainer could help with details like this, i'd be willing to help out with basic maintenance tasks like this. i wouldnt be able to dedicate a lot of time due to other OSS project responsibilities (hopefully, my reputation on those projects helps build trust to consider me as a maintainer here), but would like to help unblock vulnerability issues like this.

Adding another vote of support; @jimthedev, please consider @travi's offer! I'm sure plenty of repos (like mine) have got a Critical dependabot security alert because there hasn't been a release for commitizen despite the updates being merged in already.

Just got back home. Wife has covid but will take a look and see if I can help.

Secret added, going to merge this.

🎉 This PR is included in version 4.2.5 🎉

The release is available on:

• npm package (@latest dist-tag)
• GitHub release

Your semantic-release bot 📦🚀

@jimthedev Thx

@daiyam thank all of you for your patience.

Thank you and @travi for resolving this!

thanks for the merge @jimthedev! feel free to let me know if you need more help. commitizen is super valuable in combination with semantic-release, so i'd be happy to pitch in a bit if i can help keep things going.