diff --git a/CHANGELOG.md b/CHANGELOG.md
index ec4ee023..dd1d8b11 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,19 @@
 # Changelog
 
+## [5.4.0](https://github.com/nodejs/node-core-utils/compare/v5.3.1...v5.4.0) (2024-08-07)
+
+
+### Features
+
+* use sec release template in PR description ([#832](https://github.com/nodejs/node-core-utils/issues/832)) ([25ea992](https://github.com/nodejs/node-core-utils/commit/25ea9923c6cff813766678332130a8c4fdf93edb))
+
+
+### Bug Fixes
+
+* **git-node:** ignore codecov check suite ([#838](https://github.com/nodejs/node-core-utils/issues/838)) ([d796dd5](https://github.com/nodejs/node-core-utils/commit/d796dd5eac383177624a2c4b9284770c99ec3968))
+* handle dependencies empty on sec release blog ([#828](https://github.com/nodejs/node-core-utils/issues/828)) ([987aaca](https://github.com/nodejs/node-core-utils/commit/987aacaded33e94548cb22904c7fb828fd73e804))
+* listr overriding parent task ([#836](https://github.com/nodejs/node-core-utils/issues/836)) ([88c31eb](https://github.com/nodejs/node-core-utils/commit/88c31eb6bbea0ec44797c7287bafad2678d5ea46))
+
 ## [5.3.1](https://github.com/nodejs/node-core-utils/compare/v5.3.0...v5.3.1) (2024-07-03)
 
 
diff --git a/lib/pr_checker.js b/lib/pr_checker.js
index 7d00ca92..b37314e4 100644
--- a/lib/pr_checker.js
+++ b/lib/pr_checker.js
@@ -29,6 +29,7 @@ const GITHUB_SUCCESS_CONCLUSIONS = ['SUCCESS', 'NEUTRAL', 'SKIPPED'];
 const FAST_TRACK_RE = /^Fast-track has been requested by @(.+?)\. Please 👍 to approve\.$/;
 const FAST_TRACK_MIN_APPROVALS = 2;
 const GIT_CONFIG_GUIDE_URL = 'https://github.com/nodejs/node/blob/99b1ada/doc/guides/contributing/pull-requests.md#step-1-fork';
+const IGNORED_CHECK_SLUGS = ['dependabot', 'codecov'];
 
 // eslint-disable-next-line no-extend-native
 Array.prototype.findLastIndex ??= function findLastIndex(fn) {
@@ -373,9 +374,9 @@ export default class PRChecker {
 
     // GitHub new Check API
     for (const { status, conclusion, app } of checkSuites.nodes) {
-      if (app && app.slug === 'dependabot') {
-        // Ignore Dependabot check suites. They are expected to show up
-        // sometimes and never complete.
+      if (app && IGNORED_CHECK_SLUGS.includes(app.slug)) {
+        // Ignore Dependabot and Codecov check suites.
+        // They are expected to show up sometimes and never complete.
         continue;
       }
 
diff --git a/lib/prepare_security.js b/lib/prepare_security.js
index ed18e502..4ffb90fe 100644
--- a/lib/prepare_security.js
+++ b/lib/prepare_security.js
@@ -6,7 +6,6 @@ import {
   NEXT_SECURITY_RELEASE_BRANCH,
   NEXT_SECURITY_RELEASE_FOLDER,
   NEXT_SECURITY_RELEASE_REPOSITORY,
-  PLACEHOLDERS,
   checkoutOnSecurityReleaseBranch,
   commitAndPushVulnerabilitiesJSON,
   validateDate,
@@ -37,22 +36,15 @@ export default class PrepareSecurityRelease {
     const createVulnerabilitiesJSON = await this.promptVulnerabilitiesJSON();
 
     let securityReleasePRUrl;
+    const content = await this.buildDescription(releaseDate, securityReleasePRUrl);
     if (createVulnerabilitiesJSON) {
-      securityReleasePRUrl = await this.startVulnerabilitiesJSONCreation(releaseDate);
+      securityReleasePRUrl = await this.startVulnerabilitiesJSONCreation(releaseDate, content);
     }
 
-    const createIssue = await this.promptCreateRelaseIssue();
-
-    if (createIssue) {
-      const content = await this.buildIssue(releaseDate, securityReleasePRUrl);
-      await createIssue(
-        this.title, content, this.repository, { cli: this.cli, repository: this.repository });
-    };
-
     this.cli.ok('Done!');
   }
 
-  async startVulnerabilitiesJSONCreation(releaseDate) {
+  async startVulnerabilitiesJSONCreation(releaseDate, content) {
     // checkout on the next-security-release branch
     checkoutOnSecurityReleaseBranch(this.cli, this.repository);
 
@@ -87,7 +79,7 @@ export default class PrepareSecurityRelease {
     if (!createPr) return;
 
     // create pr on the security-release repo
-    return this.createPullRequest();
+    return this.createPullRequest(content);
   }
 
   promptCreatePR() {
@@ -143,11 +135,9 @@ export default class PrepareSecurityRelease {
       { defaultAnswer: true });
   }
 
-  async buildIssue(releaseDate, securityReleasePRUrl = PLACEHOLDERS.vulnerabilitiesPRURL) {
+  async buildDescription() {
     const template = await this.getSecurityIssueTemplate();
-    const content = template.replace(PLACEHOLDERS.releaseDate, releaseDate)
-      .replace(PLACEHOLDERS.vulnerabilitiesPRURL, securityReleasePRUrl);
-    return content;
+    return template;
   }
 
   async chooseReports() {
@@ -185,11 +175,11 @@ export default class PrepareSecurityRelease {
     return fullPath;
   }
 
-  async createPullRequest() {
+  async createPullRequest(content) {
     const { owner, repo } = this.repository;
     const response = await this.req.createPullRequest(
       this.title,
-      'List of vulnerabilities to be included in the next security release',
+      content ?? 'List of vulnerabilities to be included in the next security release',
       {
         owner,
         repo,
diff --git a/lib/security_blog.js b/lib/security_blog.js
index 7fe25ea1..c0987bfe 100644
--- a/lib/security_blog.js
+++ b/lib/security_blog.js
@@ -232,9 +232,10 @@ export default class SecurityBlog {
   }
 
   getDependencyUpdatesTemplate(dependencyUpdates) {
-    if (!dependencyUpdates) return '';
-    let template = 'This security release includes the following dependency' +
-      ' updates to address public vulnerabilities:\n\n';
+    if (typeof dependencyUpdates !== 'object') return '';
+    if (Object.keys(dependencyUpdates).length === 0) return '';
+    let template = '\nThis security release includes the following dependency' +
+      ' updates to address public vulnerabilities:\n';
     for (const dependencyUpdate of Object.values(dependencyUpdates)) {
       for (const dependency of dependencyUpdate) {
         const title = dependency.title.substring(dependency.title.indexOf(':') + ':'.length).trim();
@@ -330,7 +331,12 @@ export default class SecurityBlog {
         affectedVersions.add(affectedVersion);
       }
     }
-    return Array.from(affectedVersions).join(', ');
+    const parseToNumber = str => +(str.match(/[\d.]+/g)[0]);
+    return Array.from(affectedVersions)
+      .sort((a, b) => {
+        return parseToNumber(a) > parseToNumber(b) ? -1 : 1;
+      })
+      .join(', ');
   }
 
   getSecurityPreReleaseTemplate() {
diff --git a/lib/update-v8/applyNodeChanges.js b/lib/update-v8/applyNodeChanges.js
index 806e1d25..5ac5b9af 100644
--- a/lib/update-v8/applyNodeChanges.js
+++ b/lib/update-v8/applyNodeChanges.js
@@ -1,7 +1,5 @@
 import path from 'node:path';
 
-import { Listr } from 'listr2';
-
 import {
   getNodeV8Version,
   filterForVersion,
@@ -19,10 +17,10 @@ const nodeChanges = [
 export default function applyNodeChanges() {
   return {
     title: 'Apply Node-specific changes',
-    task: async(ctx) => {
+    task: async(ctx, task) => {
       const v8Version = await getNodeV8Version(ctx.nodeDir);
       const list = filterForVersion(nodeChanges, v8Version);
-      return new Listr(list.map((change) => change.task()));
+      return task.newListr(list.map((change) => change.task()));
     }
   };
 }
diff --git a/lib/update-v8/backport.js b/lib/update-v8/backport.js
index c57095cd..7f27430e 100644
--- a/lib/update-v8/backport.js
+++ b/lib/update-v8/backport.js
@@ -4,7 +4,6 @@ import {
 } from 'node:fs';
 
 import inquirer from 'inquirer';
-import { Listr } from 'listr2';
 import { ListrEnquirerPromptAdapter } from '@listr2/prompt-adapter-enquirer';
 
 import { shortSha } from '../utils.js';
@@ -50,8 +49,8 @@ export function doBackport(options) {
 
   return {
     title: 'V8 commit backport',
-    task: () => {
-      return new Listr(todo);
+    task: (ctx, task) => {
+      return task.newListr(todo);
     }
   };
 };
@@ -164,8 +163,8 @@ function applyPatches() {
 function applyAndCommitPatches() {
   return {
     title: 'Apply and commit patches to deps/v8',
-    task: (ctx) => {
-      return new Listr(ctx.patches.map(applyPatchTask));
+    task: (ctx, task) => {
+      return task.newListr(ctx.patches.map(applyPatchTask));
     }
   };
 }
@@ -173,7 +172,7 @@ function applyAndCommitPatches() {
 function applyPatchTask(patch) {
   return {
     title: `Commit ${shortSha(patch.sha)}`,
-    task: (ctx) => {
+    task: (ctx, task) => {
       const todo = [
         {
           title: 'Apply patch',
@@ -188,7 +187,7 @@ function applyPatchTask(patch) {
         }
       }
       todo.push(commitPatch(patch));
-      return new Listr(todo);
+      return task.newListr(todo);
     }
   };
 }
diff --git a/lib/update-v8/majorUpdate.js b/lib/update-v8/majorUpdate.js
index 4ac91005..0ca3f8a1 100644
--- a/lib/update-v8/majorUpdate.js
+++ b/lib/update-v8/majorUpdate.js
@@ -1,8 +1,6 @@
 import path from 'node:path';
 import { promises as fs } from 'node:fs';
 
-import { Listr } from 'listr2';
-
 import { getCurrentV8Version } from './common.js';
 import {
   getNodeV8Version,
@@ -19,8 +17,8 @@ import { forceRunAsync } from '../run.js';
 export default function majorUpdate() {
   return {
     title: 'Major V8 update',
-    task: () => {
-      return new Listr([
+    task: (ctx, task) => {
+      return task.newListr([
         getCurrentV8Version(),
         checkoutBranch(),
         removeDepsV8(),
diff --git a/lib/update-v8/minorUpdate.js b/lib/update-v8/minorUpdate.js
index e64ed8e5..d14f007a 100644
--- a/lib/update-v8/minorUpdate.js
+++ b/lib/update-v8/minorUpdate.js
@@ -2,8 +2,6 @@ import { spawn } from 'node:child_process';
 import path from 'node:path';
 import { promises as fs } from 'node:fs';
 
-import { Listr } from 'listr2';
-
 import { getCurrentV8Version } from './common.js';
 import { isVersionString } from './util.js';
 import { forceRunAsync } from '../run.js';
@@ -11,8 +9,8 @@ import { forceRunAsync } from '../run.js';
 export default function minorUpdate() {
   return {
     title: 'Minor V8 update',
-    task: () => {
-      return new Listr([
+    task: (ctx, task) => {
+      return task.newListr([
         getCurrentV8Version(),
         getLatestV8Version(),
         doMinorUpdate()
diff --git a/lib/update-v8/updateV8Clone.js b/lib/update-v8/updateV8Clone.js
index f078e826..8b270313 100644
--- a/lib/update-v8/updateV8Clone.js
+++ b/lib/update-v8/updateV8Clone.js
@@ -1,15 +1,13 @@
 import { promises as fs } from 'node:fs';
 
-import { Listr } from 'listr2';
-
 import { v8Git } from './constants.js';
 import { forceRunAsync } from '../run.js';
 
 export default function updateV8Clone() {
   return {
     title: 'Update local V8 clone',
-    task: () => {
-      return new Listr([fetchOrigin(), createClone()]);
+    task: (ctx, task) => {
+      return task.newListr([fetchOrigin(), createClone()]);
     }
   };
 };
diff --git a/lib/update-v8/updateVersionNumbers.js b/lib/update-v8/updateVersionNumbers.js
index 5c832e08..545ece19 100644
--- a/lib/update-v8/updateVersionNumbers.js
+++ b/lib/update-v8/updateVersionNumbers.js
@@ -1,15 +1,13 @@
 import path from 'node:path';
 import { promises as fs } from 'node:fs';
 
-import { Listr } from 'listr2';
-
 import { getNodeV8Version } from './util.js';
 
 export default function updateVersionNumbers() {
   return {
     title: 'Update version numbers',
-    task: () => {
-      return new Listr([resetEmbedderString(), bumpNodeModule()]);
+    task: (ctx, task) => {
+      return task.newListr([resetEmbedderString(), bumpNodeModule()]);
     }
   };
 };
diff --git a/package.json b/package.json
index 42c7fb59..a0fd2135 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@node-core/utils",
-  "version": "5.3.1",
+  "version": "5.4.0",
   "description": "Utilities for Node.js core collaborators",
   "type": "module",
   "engines": {