Skip to content

build(deps): bump yaml from 2.5.1 to 2.8.3 in /addons#1264

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/addons/yaml-2.8.3
Open

build(deps): bump yaml from 2.5.1 to 2.8.3 in /addons#1264
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/addons/yaml-2.8.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 25, 2026
edited
Loading

Bumps yaml from 2.5.1 to 2.8.3.

Release notes

Sourced from yaml's releases.

v2.8.3

  • Add trailingComma ToString option for multiline flow formatting (#670)
  • Catch stack overflow during node composition (1e84ebb)

v2.8.2

  • Serialize -0 as -0 (#638)
  • Do not double newlines for empty map values (#642)

v2.8.1

  • Preserve empty block literals (#634)

v2.8.0

  • Add node cache for faster alias resolution (#612)
  • Re-introduce compatibility with Node.js 14.6 (#614)
  • Add --merge option to CLI tool (#611)
  • Improve error for tag resolution error on null value (#616)
  • Allow empty string as plain scalar representation, for failsafe schema (#616)
  • docs: include cli example (#617)

v2.7.1

  • Do not allow seq with single-line collection value on same line with map key (#603)
  • Improve warning & avoid TypeError on bad YAML 1.1 nodes (#610)

v2.7.0

The library is now available on JSR as @​eemeli/yaml and on deno.land/x as yaml. In addition to Node.js and browsers, it should work in Deno, Bun, and Cloudflare Workers.

  • Use .ts extension in all relative imports (#591)
  • Ignore newline after block seq indicator as space before value (#590)
  • Require Node.js 14.18 or later (was 14.6) (#598)

v2.6.1

  • Do not strip :00 seconds from !!timestamp values (#578, with thanks to @​qraynaud)
  • Tighten regexp for JSON !!bool (#587, with thanks to @​vra5107)
  • Default to literal block scalar if folded would overflow (#585)

v2.6.0

  • Use a proper tag for !!merge << keys (#580)
  • Add stringKeys parse option (#581)
  • Stringify a Document as a Document (#576)
  • Add sponsorship by Manifest
Commits
  • ce14587 2.8.3
  • 1e84ebb fix: Catch stack overflow during node composition
  • 6b24090 ci: Include Prettier check in lint action
  • 9424dee chore: Refresh lockfile
  • d1aca82 Add trailingComma ToString option for multiline flow formatting (#670)
  • 4321509 ci: Drop the branch filter from GitHub PR actions
  • 47207d0 chore: Update docs-slate
  • 5212fae chore: Update docs-slate
  • 086fa6b 2.8.2
  • 95f01e9 chore: Add funding to package.json
  • Additional commits viewable in compare view

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 25, 2026
@meta-cla meta-cla bot added the CLA Signed label Mar 25, 2026
@meta-codesync
Copy link
Copy Markdown

meta-codesync bot commented Mar 25, 2026

@facebook-github-bot has imported this pull request. If you are a Meta employee, you can view this in D98206074. (Because this pull request was imported automatically, there will not be any future comments.)

@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/addons/yaml-2.8.3 branch 2 times, most recently from 504ce3f to 36306cb Compare March 30, 2026 15:50
@facebook-github-tools
Copy link
Copy Markdown

facebook-github-tools bot commented Mar 30, 2026

@dependabot[bot] has updated the pull request. You must reimport the pull request before landing.

1 similar comment
@facebook-github-tools
Copy link
Copy Markdown

facebook-github-tools bot commented Mar 30, 2026

@dependabot[bot] has updated the pull request. You must reimport the pull request before landing.

@dependabot
build(deps): bump yaml from 2.5.1 to 2.8.3 in /addons
7012f1d 
Bumps [yaml](https://github.com/eemeli/yaml) from 2.5.1 to 2.8.3.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v2.5.1...v2.8.3)

---
updated-dependencies:
- dependency-name: yaml
  dependency-version: 2.8.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/addons/yaml-2.8.3 branch from 36306cb to 7012f1d Compare March 30, 2026 19:22
@facebook-github-tools
Copy link
Copy Markdown

facebook-github-tools bot commented Mar 30, 2026

@dependabot[bot] has updated the pull request. You must reimport the pull request before landing.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

CLA Signed dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants