Question

I have a dependabot merge request in my repo (which includes robo via composer and thank you) that wants me to update to robo v5.

Packagist has a v5 package: https://packagist.org/packages/consolidation/robo#5.0.0
But GitHub does not. It's latest release is v4.0.4

I would expect a packagist package to be designated as a release in GitHub not just as a tag. Does the omission of a GitHub v5 official release mean that v5 is still being tested/considered for release? Is it an oversight?

Do you recommend updating to version 5? And if so, why would there not be a corresponding GitHub release?

There is no release note/changelog on the version 5 tag, but I see the README mentions it as stable and changelog does include some notes.

Thank you so much.