Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade yaml from 2.2.2 to 2.3.4 #98

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

[Snyk] Upgrade yaml from 2.2.2 to 2.3.4 #98

wants to merge 1 commit into from

Conversation

floriandorau
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade yaml from 2.2.2 to 2.3.4.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

  • The recommended version is 11 versions ahead of your current version.
  • The recommended version was released 3 months ago, on 2023-11-03.
Release notes
Package name: yaml
  • 2.3.4 - 2023-11-03
    • Do not throw for carriage return in tag shorthand (#501)
  • 2.3.3 - 2023-10-14
    • Do not throw error on malformed URI escape in tag (#498)
  • 2.3.2 - 2023-08-28
    • Fix docs typo (#489)
    • Do not require quotes for implicit keys with flow indicators (#494)
    • Update Prettier to v3 & update ESLint config
  • 2.3.1 - 2023-05-26
    • Drop npm from package.json "engines" config (#476)
  • 2.3.0 - 2023-05-23

    This release corresponds with the release of yaml-types v0.2.0, an expanding library of custom tags or types for use with yaml.

    This release contains no changes from v2.3.0-5, and the notes below include all changes from the v2.3.0-x prereleases.

    Custom Tag Improvements

    • Add export of createNode() & createPair() to 'yaml/util' (#457)
    • Add static from() methods to simplify tag development, and otherwise make extending custom collections easier (#467)

    TypeScript Improvements

    • Add a second optional generic type argument Strict to Document instances. (#441)
    • Add types exports for TypeScript (#463)
    • Export StringifyContext type from 'yaml/util' (#464)

    Other New Features

    • Add a toJS(doc, options?) method to nodes (#451, #458)
    • Set explicit tag during createNode() for non-default tags (#464)

    Bugfixes

    • Use correct argument order when stringifying flow collection comments (#443)
    • Improve first-line folding for block scalars (#422)
  • 2.3.0-5 - 2023-05-06
    • Make extending custom collections easier (#467)
    • Fix corner case failure in error pretty-printer (CVE-2023-2251)
  • 2.3.0-4 - 2023-04-18

    New Features

    • Set explicit tag during createNode() for non-default tags (#464)
    • Export StringifyContext type from 'yaml/util' (#464)
  • 2.3.0-3 - 2023-04-14

    Bugfixes

    • Improve missing-argument error on node .toJS() method (#458)
    • Add types exports for TypeScript (#463)
    • Drop incompatible/unnecessary typesVersions from package.json (#463)
  • 2.3.0-2 - 2023-04-14
  • 2.3.0-1 - 2023-04-04

    New Features

    • Add a toJS(doc, options?) method to nodes (#451)
    • Add export of createNode() & createPair() to 'yaml/util' (#457)

    Bugfixes

    • First-line folding for block scalars (#422)
  • 2.3.0-0 - 2023-03-11
  • 2.2.2 - 2023-04-24

    This patch release includes a fix for an error that could be thrown in parseDocument for degenerate input. Otherwise, it's a patch release uplifting a few fixes from the ongoing v2.3 work to v2.2:

    • Corner case failure in error pretty-printer (CVE-2023-2251)
    • Use correct argument order when stringifying flow collection comments (#443)
    • First-line folding for block scalars (#422)
from yaml GitHub release notes
Commit messages
Package name: yaml
  • b7696fc 2.3.4
  • 4af7419 fix: Carriage return in tag shorthand (#501)
  • e8576e8 2.3.3
  • 3fb6c1f chore: Refresh lockfile
  • 69d881c fix: Do not throw error on malformed URI escape in tag (#498)
  • a4d8569 2.3.2
  • 899c75c chore: Update Prettier to v3 & update ESLint config
  • f7f0971 chore: Refresh lockfile
  • 9558e96 fix: Do not require quotes for implicit keys with flow indicators (#494)
  • 07063bc docs: Fix typo (#489)
  • a442e95 2.3.1
  • 1f7fb2f fix: Drop npm from package.json engines config (fixes #476)
  • 431ce22 2.3.0
  • 0d2b3d3 chore: Refresh lockfile
  • 96daea5 2.3.0-5
  • 57f7bf5 docs: Expand visit() documentation
  • b741332 feat: Make extending custom collections easier (#467)
  • a67a019 fix: Corner case failure in error pretty-printer
  • ffdd2fb 2.3.0-4
  • f169304 feat: Set explicit tag during createNode() for non-default tags (#464)
  • 165a49f feat: Export StringifyContext type from 'yaml/util' (#464)
  • 55e99ab 2.3.0-3
  • 0623814 fix: Drop incompatible/unnecessary typesVersions from package.json (#463)
  • a2afb00 2.3.0-2

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@floriandorau @snyk-bot