Skip to content

Bump yaml from 1.9.2 to 1.10.3#55

Merged
matyikriszta merged 1 commit intomasterfrom
dependabot/npm_and_yarn/yaml-1.10.3
May 10, 2026
Merged

Bump yaml from 1.9.2 to 1.10.3#55
matyikriszta merged 1 commit intomasterfrom
dependabot/npm_and_yarn/yaml-1.10.3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 25, 2026
edited
Loading

Bumps yaml from 1.9.2 to 1.10.3.

Release notes

Sourced from yaml's releases.

v1.10.2

  • prettier/prettier#10510

v1.10.1

This release backports the following non-breaking fixes made during the work on yaml@2 on top of yaml@1.10.0:

  • Support for __proto__ as mapping key & anchor identifier (#192)
  • Fix broken TS type for BigInt toggle
  • Dump long keys properly (#195)
  • When folding highly indented lines, require at least minContentWidth chars on the first line (#196)
  • Fix YAML.stringify() for certain null values (#197)
  • Do not break escaped chars with escaped newlines (#237, awslabs/cdk8s8)
  • Set type: "module" within browser/dist/ (#208)
  • Use CommonJS for the browser endpoints yaml/types & yaml/util (#208)
  • Always stringify non-Node object keys using explicit notation (#218)
  • Specify node type of Document.Parsed.contents (#221)
  • Add missing type for CST Node.rangeAsLinePos (#222)
  • Prefer literal over folded block scalar when lineWidth=0 is set (#232)
  • Allow for empty lines after node props (#242)
  • Update dev dependencies

v1.10.0

This will probably be the last minor release of yaml@1. I'm aiming to release yaml@2 within a few months; prereleases of that will be published using the next dist-tag on npm. Patch releases for 1.10 may still happen, if necessary.

New Features

  • Use Rollup for Node.js & browser builds (#165)
    • This removes most of the internal dist/ paths from the release. If you want/need to use a class or function that is no longer public, please file an issue and we can add it to the exports.
    • Drop dependency on @babel/runtime. After this, the package has 0 runtime dependencies. 🎉
    • Add exports { Alias, Collection, Merge, Node } to 'yaml/types'
  • Document Schema.createPair() & make its ctx arg optional (#157)
  • Always indent top-level scalars with lines starting with document markers or % directives (#162)
  • Use double-space when forcing top-level block scalar indent, for clarity (#162)
  • Add getNodes(): string[] method to Anchors (#166)
  • Refactor Jest config, adding tests for compiled dist/ endpoints
  • Rename & refactor source files. This should have no effect on the results, but lots of stuff moved around

Improved Errors & Warnings

  • Throw more helpful error when setting Pair.commentBefore incorrectly (#157)
  • Better errors for bad indents (#169)
  • Drop incorrect error for flow mapping keys with length > 1024 chars
  • Add errors for plain scalars that start with reserved indicators
  • Add more explicit errors for block scalar values with bad indents
  • Enable log prints during npm start debugging

Improved TypeScript declarations

  • Fix/simplify export mapping of 'yaml/types' and 'yaml/util'
  • Fix types, dropping AST.{AstNode,ScalarNode,CollectionNode} (#160)
  • Add missing toString() methods to AST nodes (#159)
  • Add directivesEndMarker to Document type (#167)

... (truncated)

Commits
  • cfe8f04 1.10.3
  • 7abcf45 fix: Catch stack overflow during CST composition
  • a0252f8 chore: Add rules avoiding processing of tests/json-test-suite
  • a5e83b0 style: Apply updates Prettier rules
  • b8ddca0 chore: Refresh lockfile
  • 395f892 ci: Use a different (working) submodule checkout
  • 6fd2720 test-events: Add {} and [] indicators to flow maps & sequences
  • 4cdcde6 1.10.2
  • 7c0e083 Allow for unindented comment after node props (#242)
  • 8ef0157 1.10.1
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 25, 2026
@matyikriszta
Copy link
Copy Markdown
Contributor

matyikriszta commented May 10, 2026

@dependabot rebase

@dependabot
Bump yaml from 1.9.2 to 1.10.3
33c03f5 
Bumps [yaml](https://github.com/eemeli/yaml) from 1.9.2 to 1.10.3.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v1.9.2...v1.10.3)

---
updated-dependencies:
- dependency-name: yaml
  dependency-version: 1.10.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump yaml from 1.10.2 to 1.10.3 Bump yaml from 1.9.2 to 1.10.3 May 10, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/yaml-1.10.3 branch from 22b821f to 33c03f5 Compare May 10, 2026 04:09
@matyikriszta matyikriszta merged commit e30b804 into master May 10, 2026
2 checks passed
@matyikriszta matyikriszta deleted the dependabot/npm_and_yarn/yaml-1.10.3 branch May 10, 2026 04:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@matyikriszta