Major version bump triggered by chore commits with @release-it/conventional-changelog v9+ (regression from v8)

[haukurmar]

I also posted the issue here: conventional-changelog/conventional-changelog#1368

Description

When using @release-it/conventional-changelog v9 or later (with its dependency on conventional-recommended-bump v10+), a major version bump is triggered even when only a chore commit is present since the last release. This is unexpected, according to Conventional Commits, only breaking changes or commits with a ! should trigger a major bump.

Downgrading to @release-it/conventional-changelog v8 (which uses conventional-recommended-bump v9) restores the expected behavior (patch bump or no bump for chore commits).

---

To Reproduce

Repo structure:

• Monorepo with several packages (e.g., core, ui, utils, release-config)
• Each package uses release-it with the conventional-changelog plugin.

Steps:

1. Use the following setup:
   • release-it v19 (also reproducible with v17)
   • @release-it/conventional-changelog v9 or v10
2. In one package (e.g., release-config), tag a release as v2.0.0.
3. Make a commit with a message like: chore(deps): updated release-it to v19 and updated other packages
4. Run a dry-run pre-release: release-it --config ./release.config.js --ci --dry-run
5. Observe that the suggested next version is 3.0.0 (major), even though there are no breaking changes or features.

Expected behavior:

• The next version should be a patch (2.0.1) or no release at all for a chore commit.

Actual behavior:

• The next version is a major (3.0.0).

---

Additional Context

• This issue does not occur with @release-it/conventional-changelog v8 (which uses conventional-recommended-bump v9).
• The problem appears with v9+ (and corresponding conventional-recommended-bump v10+).
• No custom release rules or config overrides are present.
• We use our own custom bumper plugin to update internal dependencies, but it does not affect the version bump logic for the current package.

---

Minimal Example

// package.json (relevant parts)
{
  "scripts": {
    "release": "release-it --config ./release.config.js --ci"
  },
  "devDependencies": {
    "release-it": "^19.0.0",
    "@release-it/conventional-changelog": "^9.0.0"
  }
}

// release.config.js
module.exports = {
  plugins: {
    "@release-it/conventional-changelog": {
      preset: "conventionalcommits"
    }
  }
};

---

Commit history:

v2.0.0
chore(deps): updated release-it to v19 and updated other packages

Command:

release-it --ci --dry-run

Result

🚀 Let's release my-package (2.0.0...3.0.0)
(Should be 2.0.1 or no release)

Investigation

• The regression appears to be introduced with the migration to conventional-recommended-bump v10 (see release-it/conventional-changelog v9 changelog).
• No relevant breaking changes are documented in the changelogs.
• This bug can cause unexpected major releases in monorepos and single-package repos alike.

Workaround

Pinning @release-it/conventional-changelog to v8 (and thus conventional-recommended-bump to v9) resolves the issue.

Environment
OS: macOS/Linux/Windows
Node: v18+
release-it: v17, v19 (tested)
@release-it/conventional-changelog: v8 (works), v9+ (bug)
conventional-recommended-bump: v9 (works), v10+ (bug)

[haukurmar]

Update: This issue appears to be resolved in @release-it/conventional-changelog v10.0.2+, which upgrades to conventional-recommended-bump@^11.2.0 (v10.0.0 and v10.0.1 still used ^10.0.0 and had the same regression).

We verified this with 20 automated tests covering version bump correctness for all conventional commit types. Chore commits correctly return a patch bump (not major) with v10.0.6.