Skip to content

chore(deps-dev): bump js-yaml from 3.14.2 to 3.15.0 in /easyfinance.client#892

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/easyfinance.client/js-yaml-3.15.0
Closed

chore(deps-dev): bump js-yaml from 3.14.2 to 3.15.0 in /easyfinance.client#892
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/npm_and_yarn/easyfinance.client/js-yaml-3.15.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 28, 2026

Copy link
Copy Markdown
Contributor

Bumps js-yaml from 3.14.2 to 3.15.0.

Changelog

Sourced from js-yaml's changelog.

4.3.0, 3.15.0 - 2026-06-27

Security

  • Backported maxTotalMergeKeys option.

[5.2.0] - 2026-06-26

Added

  • Added maxTotalMergeKeys (10000) loader option to limit the total number of keys processed by YAML merge (<<) across one load() / loadAll() call.
  • Added maxAliases (-1) loader option to limit the number of YAML aliases per document.

Removed

  • maxMergeSeqLength replaced with maxTotalMergeKeys for limiting YAML merge processing.

Fixed

  • Round-trip of integers with exponential form (>= 1e21)

[5.1.0] - 2026-06-23

Added

  • Collection tags can finalize an incrementally populated carrier into a different result value.

Changed

  • [breaking] quoteStyle now selects the preferred quote style; use the restored forceQuotes option to force quoting non-key strings.

[5.0.0] - 2026-06-20

Added

  • Added named exports for schemas, tags, parser events and AST utilities.
  • Reworked JSON_SCHEMA and CORE_SCHEMA with spec-compliant scalar resolution rules, and added YAML11_SCHEMA.
  • Added realMapTag for lossless mappings with non-string and complex keys. Object-based mappings now reject complex keys instead of stringifying them.
  • Added dump() transform option for changing the generated AST before rendering.
  • Added dump() options seqInlineFirst, flowBracketPadding, flowSkipCommaSpace, flowSkipColonSpace, quoteFlowKeys, quoteStyle and tagBeforeAnchor.
  • Added formal data layers (events and AST) for modular data pipelines.
    • Added low-level parser (to events), presenter and visitor APIs.
  • Added the YAML Test Suite to the test set.

Changed

  • See the migration guide for upgrade notes.
  • Rewritten in TypeScript and reorganized the public API around flat named exports.

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Jun 28, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/easyfinance.client/js-yaml-3.15.0 branch from 1f97867 to 46e2065 Compare July 1, 2026 07:09
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.2 to 3.15.0.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@3.14.2...3.15.0)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 3.15.0
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/easyfinance.client/js-yaml-3.15.0 branch from 46e2065 to 8b0de5b Compare July 1, 2026 07:20
@FelipePSoares

Copy link
Copy Markdown
Owner

Superseded by PR #895 (batch dependency update)

@dependabot @github

dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.

@FelipePSoares FelipePSoares deleted the dependabot/npm_and_yarn/easyfinance.client/js-yaml-3.15.0 branch July 3, 2026 18:32
FelipePSoares added a commit that referenced this pull request Jul 3, 2026
* chore: batch dependency updates + .NET 10 migration

Closes: PR #894, #893, #892, #891, #890, #889, #887, #886, #885, #884, #883, #880, #879, #877, #876, #875, #874, #873, #872, #871, #870, #868, #866, #864, #862, #861

Updates:
- .NET 8 -> .NET 10 (TFM net8.0 -> net10.0, all Microsoft.* packages -> 10.0.9)
- Swashbuckle.AspNetCore 7.2.0 -> 10.2.3 (with OpenApi namespace fix)
- Microsoft.NET.Test.Sdk 18.6.0 -> 18.7.0
- Serilog.Sinks.Http, WebPush, Jwt packages
- EF Core 8.0.12 -> 10.0.9
- Angular 22.0.1 -> 22.0.4 (cdk/material 22.0.2)
- eslint frontend 9.x -> 10.6.0
- expo 56 -> 57
- expo-notifications 56 -> 57
- react-native 0.85.3 -> 0.86.0
- react 19.2.3 -> 19.2.7
- React Navigation, i18next, axios, react-query, etc.
- GitHub Actions (checkout v6->v7, cache v5->v6)
- dotnet-version 8.0.x -> 10.0.x in CI

* fix: upgrade jest-expo to 57.0.1 for expo 57 compatibility

jest-expo@56 required @react-native/jest-preset@^0.85.0,
conflicting with react-native 0.86 that needs @react-native/jest-preset@0.86.0

* fix: regenerate lockfiles without --legacy-peer-deps for npm ci compatibility

---------

Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant