chore(deps-dev): [Security] Bump semantic-release from 15.13.28 to 17.2.3#49

Bumps [semantic-release](https://github.com/semantic-release/semantic-release) from 15.13.28 to 17.2.3. **This update includes a security fix.** <details> <summary>Vulnerabilities fixed</summary> <p><em>Sourced from <a href="https://github.com/advisories/GHSA-r2j6-p67h-q639">The GitHub Security Advisory Database</a>.</em></p> <blockquote> <p><strong>Secret disclosure when containing characters that become URI encoded</strong></p> <h3>Impact</h3> <p>Secrets that would normally be masked by <code>semantic-release</code> can be accidentally disclosed if they contain characters that become encoded when included in a URL.</p> <h3>Patches</h3> <p>Fixed in v17.2.3</p> <h3>Workarounds</h3> <p>Secrets that do not contain characters that become encoded when included in a URL are already masked properly.</p> <p>Affected versions: &lt;= 17.2.2</p> </blockquote> </details> <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/semantic-release/semantic-release/releases">semantic-release's releases</a>.</em></p> <blockquote> <h2>v17.2.3</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.2.2...v17.2.3">17.2.3</a> (2020-11-16)</h2> <h3>Bug Fixes</h3> <ul> <li>mask secrets when characters get uri encoded (<a href="https://github.com/semantic-release/semantic-release/commit/ca90b34c4a9333438cc4d69faeb43362bb991e5a">ca90b34</a>)</li> </ul> <h2>v17.2.2</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.2.1...v17.2.2">17.2.2</a> (2020-10-29)</h2> <h3>Bug Fixes</h3> <ul> <li>don't parse port as part of the path in repository URLs (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1671">#1671</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/77a75f072bc257b27904408dbea5ae5ccae2b6ab">77a75f0</a>)</li> <li>use valid git credentials when multiple are provided (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1669">#1669</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/2bf377194efc6b4f13b6bc6cd9272b935f64793e">2bf3771</a>)</li> </ul> <h2>v17.2.1</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.2.0...v17.2.1">17.2.1</a> (2020-10-12)</h2> <h3>Reverts</h3> <ul> <li>Revert &quot;feat: throw an Error if package.json has duplicate &quot;repository&quot; key (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1656">#1656</a>)&quot; (<a href="https://github.com/semantic-release/semantic-release/commit/3abcbaf2561a208180a1f8eddc1d8a5c1006fe48">3abcbaf</a>), closes <a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1656">#1656</a> <a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1657">#1657</a></li> </ul> <h2>v17.2.0</h2> <h1><a href="https://github.com/semantic-release/semantic-release/compare/v17.1.2...v17.2.0">17.2.0</a> (2020-10-11)</h1> <h3>Features</h3> <ul> <li>throw an Error if package.json has duplicate &quot;repository&quot; key (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1656">#1656</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/b8fb35c7e15d314c15182f779ef30b42b6c4e7ea">b8fb35c</a>)</li> </ul> <h2>v17.1.2</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.1.1...v17.1.2">17.1.2</a> (2020-09-17)</h2> <h3>Bug Fixes</h3> <ul> <li>add logging for when ssh falls back to http (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1639">#1639</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/b4c5d0a436fa5a4e98d8326f0512fa8a2f1f4f67">b4c5d0a</a>)</li> </ul> <h2>v17.1.1</h2> <h2><a href="https://github.com/semantic-release/semantic-release/compare/v17.1.0...v17.1.1">17.1.1</a> (2020-06-25)</h2> <h3>Bug Fixes</h3> <ul> <li>use correct ci branch context (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1521">#1521</a>) (<a href="https://github.com/semantic-release/semantic-release/commit/0f0c650b41764d1a3deb33631147c7ca0e39fe59">0f0c650</a>)</li> </ul> <h2>v17.1.0</h2> <!-- raw HTML omitted --> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/semantic-release/semantic-release/commit/c8d38b62588622d96f637e47f9962f5183b72af3"><code>c8d38b6</code></a> style: removed line breaks to align with xo rule (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1689">#1689</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/ca90b34c4a9333438cc4d69faeb43362bb991e5a"><code>ca90b34</code></a> fix: mask secrets when characters get uri encoded</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/63fa143023aa3b54e9a9231c7625549ef4d7f17a"><code>63fa143</code></a> docs(plugins): add listing for new plugin (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1686">#1686</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/2bf377194efc6b4f13b6bc6cd9272b935f64793e"><code>2bf3771</code></a> fix: use valid git credentials when multiple are provided (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1669">#1669</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/77a75f072bc257b27904408dbea5ae5ccae2b6ab"><code>77a75f0</code></a> fix: don't parse port as part of the path in repository URLs (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1671">#1671</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/d74ffef788df841a4dcb65dda4d857edd30b13c3"><code>d74ffef</code></a> docs: add npm-deprecate-old-versions in plugins list (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1667">#1667</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/3abcbaf2561a208180a1f8eddc1d8a5c1006fe48"><code>3abcbaf</code></a> Revert &quot;feat: throw an Error if package.json has duplicate &quot;repository&quot; key (...</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/b8fb35c7e15d314c15182f779ef30b42b6c4e7ea"><code>b8fb35c</code></a> feat: throw an Error if package.json has duplicate &quot;repository&quot; key (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1656">#1656</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/18e35b28adad720f0158cc20187c5e4bdabf26b7"><code>18e35b2</code></a> docs: reorder default plugins list (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1650">#1650</a>)</li> <li><a href="https://github.com/semantic-release/semantic-release/commit/e35e5bb73f3628906553709ac0f5beb8f565c61a"><code>e35e5bb</code></a> docs(contributing): fix commit message examples (<a href="https://github-redirect.dependabot.com/semantic-release/semantic-release/issues/1648">#1648</a>)</li> <li>Additional commits viewable in <a href="https://github.com/semantic-release/semantic-release/compare/v15.13.28...v17.2.3">compare view</a></li> </ul> </details> <br /> [](https://dependabot.com/compatibility-score/?dependency-name=semantic-release&package-manager=npm_and_yarn&previous-version=15.13.28&new-version=17.2.3) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) </details>