Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

build(deps): bump yaml from 1.10.2 to 2.3.4 #553

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 3, 2023

Bumps yaml from 1.10.2 to 2.3.4.

Release notes

Sourced from yaml's releases.

v2.3.4

  • Do not throw for carriage return in tag shorthand (#501)

v2.3.3

  • Do not throw error on malformed URI escape in tag (#498)

v2.3.2

  • Fix docs typo (#489)
  • Do not require quotes for implicit keys with flow indicators (#494)
  • Update Prettier to v3 & update ESLint config

v2.3.1

  • Drop npm from package.json "engines" config (#476)

v2.3.0

This release corresponds with the release of yaml-types v0.2.0, an expanding library of custom tags or types for use with yaml.

This release contains no changes from v2.3.0-5, and the notes below include all changes from the v2.3.0-x prereleases.

Custom Tag Improvements

  • Add export of createNode() & createPair() to 'yaml/util' (#457)
  • Add static from() methods to simplify tag development, and otherwise make extending custom collections easier (#467)

TypeScript Improvements

  • Add a second optional generic type argument Strict to Document instances. (#441)
  • Add types exports for TypeScript (#463)
  • Export StringifyContext type from 'yaml/util' (#464)

Other New Features

  • Add a toJS(doc, options?) method to nodes (#451, #458)
  • Set explicit tag during createNode() for non-default tags (#464)

Bugfixes

  • Use correct argument order when stringifying flow collection comments (#443)
  • Improve first-line folding for block scalars (#422)

v2.3.0-5

  • Make extending custom collections easier (#467)
  • Fix corner case failure in error pretty-printer (CVE-2023-2251)

v2.3.0-4

New Features

  • Set explicit tag during createNode() for non-default tags (#464)
  • Export StringifyContext type from 'yaml/util' (#464)

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [yaml](https://github.com/eemeli/yaml) from 1.10.2 to 2.3.4.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v1.10.2...v2.3.4)

---
updated-dependencies:
- dependency-name: yaml
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 3, 2023
# for free to join this conversation on GitHub. Already have an account? # to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants