Skip to content

chore(deps): update dependency js-yaml to v4#3238

Merged
arslanashraf7 merged 1 commit intomasterfrom
renovate/js-yaml-4.x
Jun 2, 2025
Merged

chore(deps): update dependency js-yaml to v4#3238
arslanashraf7 merged 1 commit intomasterfrom
renovate/js-yaml-4.x

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Nov 12, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
js-yaml ^3.13.1 -> ^4.0.0 age adoption passing confidence

Release Notes

nodeca/js-yaml (js-yaml)

v4.1.0

Compare Source

Added
  • Types are now exported as yaml.types.XXX.
  • Every type now has options property with original arguments kept as they were
    (see yaml.types.int.options as an example).
Changed
  • Schema.extend() now keeps old type order in case of conflicts
    (e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as abcd instead of cbad).

v4.0.0

Compare Source

Changed
  • Check migration guide to see details for all breaking changes.
  • Breaking: "unsafe" tags !!js/function, !!js/regexp, !!js/undefined are
    moved to js-yaml-js-types package.
  • Breaking: removed safe* functions. Use load, loadAll, dump
    instead which are all now safe by default.
  • yaml.DEFAULT_SAFE_SCHEMA and yaml.DEFAULT_FULL_SCHEMA are removed, use
    yaml.DEFAULT_SCHEMA instead.
  • yaml.Schema.create(schema, tags) is removed, use schema.extend(tags) instead.
  • !!binary now always mapped to Uint8Array on load.
  • Reduced nesting of /lib folder.
  • Parse numbers according to YAML 1.2 instead of YAML 1.1 (01234 is now decimal,
    0o1234 is octal, 1:23 is parsed as string instead of base60).
  • dump() no longer quotes :, [, ], (, ) except when necessary, #​470, #​557.
  • Line and column in exceptions are now formatted as (X:Y) instead of
    at line X, column Y (also present in compact format), #​332.
  • Code snippet created in exceptions now contains multiple lines with line numbers.
  • dump() now serializes undefined as null in collections and removes keys with
    undefined in mappings, #​571.
  • dump() with skipInvalid=true now serializes invalid items in collections as null.
  • Custom tags starting with ! are now dumped as !tag instead of !<!tag>, #​576.
  • Custom tags starting with tag:yaml.org,2002: are now shorthanded using !!, #​258.
Added
  • Added .mjs (es modules) support.
  • Added quotingType and forceQuotes options for dumper to configure
    string literal style, #​290, #​529.
  • Added styles: { '!!null': 'empty' } option for dumper
    (serializes { foo: null } as "foo: "), #​570.
  • Added replacer option (similar to option in JSON.stringify), #​339.
  • Custom Tag can now handle all tags or multiple tags with the same prefix, #​385.
Fixed
  • Astral characters are no longer encoded by dump(), #​587.
  • "duplicate mapping key" exception now points at the correct column, #​452.
  • Extra commas in flow collections (e.g. [foo,,bar]) now throw an exception
    instead of producing null, #​321.
  • __proto__ key no longer overrides object prototype, #​164.
  • Removed bower.json.
  • Tags are now url-decoded in load() and url-encoded in dump()
    (previously usage of custom non-ascii tags may have led to invalid YAML that can't be parsed).
  • Anchors now work correctly with empty nodes, #​301.
  • Fix incorrect parsing of invalid block mapping syntax, #​418.
  • Throw an error if block sequence/mapping indent contains a tab, #​80.

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone US/Eastern, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from a68ae83 to 49fe730 Compare November 12, 2024 10:45
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from 49fe730 to b1e919b Compare November 12, 2024 12:15
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from b1e919b to 581e311 Compare November 12, 2024 13:40
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from 581e311 to f7958a6 Compare November 12, 2024 14:14
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from f7958a6 to 5d04eac Compare November 12, 2024 15:01
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from 5d04eac to a53ea06 Compare November 12, 2024 15:10
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from a53ea06 to d4a5763 Compare November 12, 2024 19:06
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from d4a5763 to 8717dab Compare November 13, 2024 05:57
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from 8717dab to 6ed7e7b Compare November 13, 2024 09:22
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from 6ed7e7b to 9d925be Compare November 13, 2024 16:27
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from 9d925be to 1cffc13 Compare November 14, 2024 09:10
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from 1cffc13 to b633f28 Compare November 14, 2024 09:49
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from b633f28 to a882dce Compare November 14, 2024 13:33
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from a882dce to 84762a9 Compare November 14, 2024 13:51
@marslanabdulrauf marslanabdulrauf self-assigned this Nov 14, 2024
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from b815819 to 6085872 Compare November 20, 2024 09:07
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from 6085872 to b52e60f Compare November 20, 2024 10:40
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from b52e60f to 0fb1a07 Compare November 21, 2024 14:28
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch from 0fb1a07 to 7f039df Compare November 22, 2024 12:14
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch 7 times, most recently from 2ecfeda to c5e628d Compare January 6, 2025 16:18
@renovate renovate bot force-pushed the renovate/js-yaml-4.x branch 10 times, most recently from a66d7c9 to 1e96d13 Compare January 13, 2025 10:00
@marslanabdulrauf
Copy link
Contributor

marslanabdulrauf commented Mar 4, 2025

It depends on: #3414

@arslanashraf7
Copy link
Contributor

arslanashraf7 commented May 27, 2025

There are multiple dependents of js-yaml package and the ones that currently use 3.x version are these:

  1. @istanbuljs/load-nyc-config@npm:^1.0.0
  2. codecov@npm:^3.7.1
  3. eslint@npm:^2.7.0
  4. front-matter@npm:2.1.2
  5. sass-lint@npm:^1.13.1

Since the PR upgrades the version in resolved dependencies so when that happens, every dependency will be using 4.x. This makes things a little complex. In an ideal scenario, we should try to go and remove this package from the resolved list. Even if we don't do that, we should be upgrading sass, sass-lint packages. There have been some warning problems with that package as mentioned in ref.

I am putting a blocked label on this until my next renovate day.

@odlbot odlbot mentioned this pull request Jun 3, 2025
Merged
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@arslanashraf7 arslanashraf7 arslanashraf7 approved these changes

Assignees

@arslanashraf7 arslanashraf7

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@marslanabdulrauf @arslanashraf7 @odlbot