Skip to content

fix(deps): bump ckeditor5 from ^47.6.2-alpha.0 to ^47.7.2 (main)#13238

Open
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/main-ckeditor-monorepo
Open

fix(deps): bump ckeditor5 from ^47.6.2-alpha.0 to ^47.7.2 (main)#13238
renovate[bot] wants to merge 1 commit into
mainfrom
renovate/main-ckeditor-monorepo

Conversation

@renovate

@renovate renovate Bot commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
ckeditor5 (source) ^47.6.2-alpha.0^47.7.2 age confidence

Release Notes

ckeditor/ckeditor5 (ckeditor5)

v47.7.2

Compare Source

We are happy to announce the release of CKEditor 5 v47.7.2.

ℹ️ Long Term Support Edition release: This is a CKEditor 5 Long Term Support (LTS) Edition release, available only to LTS subscribers. It delivers security and critical maintenance fixes for the v47 line. Visit documentation to learn more.

Release highlights

The release addresses vulnerabilities identified in the protobuf.js package, used within our @ckeditor/ckeditor5-operations-compressor package for real-time collaboration.

Our analysis confirms that vulnerabilities do not affect CKEditor 5.

This release primarily aims to ensure that our customers using real-time collaboration features do not encounter unnecessary security alerts from their scanning tools. We are committed to maintaining the highest security standards, and this update reflects our ongoing efforts to safeguard user environments proactively.

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Other releases:

v47.7.1

Compare Source

We are happy to announce the release of CKEditor 5 v47.7.1.

ℹ️ Long Term Support Edition release: This is a CKEditor 5 Long Term Support (LTS) Edition release, available only to LTS subscribers. It delivers security and critical maintenance fixes for the v47 line. Visit documentation to learn more.

Release highlights

The release addresses a vulnerability identified in the protobuf.js package (CVE-2026-41242), used within our @ckeditor/ckeditor5-operations-compressor package for real-time collaboration.

Our analysis confirms that this vulnerability does not affect CKEditor 5, as all protobuf definitions are static and pre-compiled at build time, and are never parsed or compiled from untrusted input at runtime - which is the condition required to exploit this issue.

This release primarily aims to ensure that our customers using real-time collaboration features do not encounter unnecessary security alerts from their scanning tools. We are committed to maintaining the highest security standards, and this update reflects our ongoing efforts to safeguard user environments proactively.

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Other releases:

v47.7.0

Compare Source

Release highlights

CKEditor 5 v47.7.0 is the first maintenance release in the CKEditor 5 Long-term Support (LTS) Edition line. The LTS Edition is a paid add-on to a CKEditor 5 license for teams that want to stay on one major version longer while continuing to receive security updates and selected compatibility fixes.

This release introduces license verification for the LTS Edition. If your license key does not include LTS access, the editor will fail to load. Aside from this license verification, no other changes were introduced in this release.

Which version should you use?
  • If your license includes LTS access, upgrade to v47.7.0 and remain on the LTS line.
  • If you want to stay on the standard release line, do not upgrade to v47.7.0 — stay on v47.6.2 or lower, or upgrade to v48.0.0 or later.
What is CKEditor 5 LTS Edition?

CKEditor 5 LTS Edition is designed for teams that prefer long-term stability over frequent upgrades. It lets you stay on a single major version for up to 3 years, while receiving security updates and compatibility fixes without breaking changes. Unlike the standard release line, which delivers several major releases each year, LTS focuses on stability and predictable maintenance rather than ongoing feature development.

To learn more, visit the LTS documentation.

How to obtain CKEditor 5 LTS Edition?

It is available as a paid add-on to your existing CKEditor 5 license. Contact our sales team for pricing and a tailored plan.

Released packages

Check out the Versioning policy guide for more information.

Released packages (summary)

Other releases:


Configuration

📅 Schedule: (in timezone Europe/Vienna)

  • Branch creation
    • "before 5am on wednesday"
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate Bot requested a review from ChristophWurst as a code owner July 6, 2026 22:14
@renovate renovate Bot requested a review from GretaD as a code owner July 6, 2026 22:14
@renovate renovate Bot added the dependencies label Jul 6, 2026
@renovate renovate Bot requested a review from kesselb as a code owner July 6, 2026 22:14
@renovate renovate Bot enabled auto-merge (squash) July 6, 2026 22:14
@renovate renovate Bot force-pushed the renovate/main-ckeditor-monorepo branch from 76e563a to c441b1b Compare July 7, 2026 13:58
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate Bot force-pushed the renovate/main-ckeditor-monorepo branch from c441b1b to 1bedaaa Compare July 7, 2026 18:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants