chore(deps-dev): bump @metamask/auto-changelog from 4.1.0 to 5.0.1

[dependabot]

Bumps @metamask/auto-changelog from 4.1.0 to 5.0.1.

Release notes

Sourced from @​metamask/auto-changelog's releases.

5.0.1

Fixed

• Fix CLI path (#235)

5.0.0

Added

• JavaScript sources and TypeScript declarations are now available in both CommonJS- and ESM-compatible variants (#226)
• Add option to changelog validation to ensure that each entry in the changelog links to one or more originating PRs (#222)
  • Pass --pr-links to the CLI, or pass ensureValidPrLinksPresent to validateChangelog to enable this behavior, ideally in your lint package script or CI workflow
• Add an optional shouldExtractPrLinks option to parseChangelog (#222)
  • When true, this will extract pull request links from the text of each entry, identify the pull numbers, and keep them in a separate array
  • See note on Changelog.getReleaseChanges below for more

Changed

• BREAKING: Changelog.getReleaseChanges now returns an object whose values are objects of shape { description: string; prNumbers: string[] } rather than simply string (the description) (#222)
  • This affects parseChangelog as well, since it returns an instance of Changelog
• BREAKING: Bump minimum Node version to 18.20 (#227)
• BREAKING: Custom subpath imports are no longer supported (#226)
  • You may now only import @metamask/auto-changelog and @metamask/auto-changelog/package.json

Changelog

Sourced from @​metamask/auto-changelog's changelog.

[5.0.1]

Fixed

• Fix CLI path (#235)

[5.0.0]

Added

• JavaScript sources and TypeScript declarations are now available in both CommonJS- and ESM-compatible variants (#226)
• Add option to changelog validation to ensure that each entry in the changelog links to one or more originating PRs (#222)
  • Pass --pr-links to the CLI, or pass ensureValidPrLinksPresent to validateChangelog to enable this behavior, ideally in your lint package script or CI workflow
• Add an optional shouldExtractPrLinks option to parseChangelog (#222)
  • When true, this will extract pull request links from the text of each entry, identify the pull numbers, and keep them in a separate array
  • See note on Changelog.getReleaseChanges below for more

Changed

• BREAKING: Changelog.getReleaseChanges now returns an object whose values are objects of shape { description: string; prNumbers: string[] } rather than simply string (the description) (#222)
  • This affects parseChangelog as well, since it returns an instance of Changelog
• BREAKING: Bump minimum Node version to 18.20 (#227)
• BREAKING: Custom subpath imports are no longer supported (#226)
  • You may now only import @metamask/auto-changelog and @metamask/auto-changelog/package.json

Commits

• 92b933d 5.0.1 (#236)
• 69835c9 Fix CLI path (#235)
• e65c485 5.0.0 (#228)
• 9577a9b Use ts-bridge instead of tsc; restrict imports (#226)
• 8eff000 Sync GitHub workflows with module template (#225)
• e76de22 Bump braces and cross-spawn to address security vulns (#229)
• 5de0dd5 Bump tar from 6.1.12 to 6.2.1 in the npm_and_yarn group across 1 directory (#...
• dbf22dc Sync supported Node versions w/ module template (#227)
• 8bb2c5e chore: add workflow_dispatch to security-code-scanner (#223)
• b7c5c0e Add way to verify each change has associated PRs (#222)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)