I'm using exact versions in dependencies, could you update this to 8.2.0?

No problem, I didn't notice that in the package.json before. Fixed that in the added commit. You should probably squash merge them to keep the git log clean ;)

Also to let you know, some other packages are outdated as well. I could update those too but don't have a good way of testing your stuff still works correctly (there is no npm run test or something like that as far as I could see), therefore I haven't done those as I can't check the impact.

Package                     Current  Wanted  Latest  Location
@actions/core                 1.1.1   1.1.1   1.2.0  commitlint-github-action
commitlint-config-jira        1.0.9   1.0.9  1.0.11  commitlint-github-action
conventional-changelog-cli   2.0.23  2.0.23  2.0.25  commitlint-github-action
husky                         3.0.7   3.0.7   3.0.9  commitlint-github-action
pretty-quick                 1.11.1  1.11.1   2.0.0  commitlint-github-action

and there are 10 security vulnerabilities (npm audit) that cannot be fixed automatically.

Yes, currently I don't have much test cases covered (just some scenarios with the current workflows but no more than that). Once I have more time I will add tests and check the new versions, thanks for the heads up!
Regarding squash merge, I prefer merge commits instead of squashing. I prefer what people call a "messy history" because it is more complete and shows all atomic changes to the repo 🙂
About the security vulnerabilities, don't worry about them. All of the Machine-In-The-Middle scenarios happen in some lerna commands that are not used by this action (like @lerna/publish), so all good 🚀