Skip to content

chore(deps): bump yaml from 2.6.0 to 2.8.2#6816

Closed
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/yaml-2.8.2
Closed

chore(deps): bump yaml from 2.6.0 to 2.8.2#6816
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/npm_and_yarn/yaml-2.8.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Jan 28, 2026
edited
Loading

Bumps yaml from 2.6.0 to 2.8.2.

Release notes

Sourced from yaml's releases.

v2.8.2

  • Serialize -0 as -0 (#638)
  • Do not double newlines for empty map values (#642)

v2.8.1

  • Preserve empty block literals (#634)

v2.8.0

  • Add node cache for faster alias resolution (#612)
  • Re-introduce compatibility with Node.js 14.6 (#614)
  • Add --merge option to CLI tool (#611)
  • Improve error for tag resolution error on null value (#616)
  • Allow empty string as plain scalar representation, for failsafe schema (#616)
  • docs: include cli example (#617)

v2.7.1

  • Do not allow seq with single-line collection value on same line with map key (#603)
  • Improve warning & avoid TypeError on bad YAML 1.1 nodes (#610)

v2.7.0

The library is now available on JSR as @​eemeli/yaml and on deno.land/x as yaml. In addition to Node.js and browsers, it should work in Deno, Bun, and Cloudflare Workers.

  • Use .ts extension in all relative imports (#591)
  • Ignore newline after block seq indicator as space before value (#590)
  • Require Node.js 14.18 or later (was 14.6) (#598)

v2.6.1

  • Do not strip :00 seconds from !!timestamp values (#578, with thanks to @​qraynaud)
  • Tighten regexp for JSON !!bool (#587, with thanks to @​vra5107)
  • Default to literal block scalar if folded would overflow (#585)
Commits
  • 086fa6b 2.8.2
  • 95f01e9 chore: Add funding to package.json
  • 152e204 style: Apply updated Prettier rules & satisfy updated ESLint
  • 3f3378c chore: Drop unused dependency cross-env
  • f0b9af7 chore: Update to @​rollup/plugin-replace v6
  • e3cafc7 chore: Update to eslint-config-prettier v10
  • 553c1b5 chore: Refresh lockfile
  • 70a8db3 fix: Do not double newlines for empty map values (#642)
  • 92821f2 ci: Limit action permissions to minimum required
  • 95285f8 fix: Serialize -0 as -0 (fixes #638)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 28, 2026
@dependabot dependabot bot requested a review from a team as a code owner January 28, 2026 14:05
@dependabot dependabot bot requested a review from gbockus-sf January 28, 2026 14:05
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Jan 28, 2026
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/yaml-2.8.2 branch from e3afafc to 7c24934 Compare February 3, 2026 22:37
@dependabot
chore(deps): bump yaml from 2.6.0 to 2.8.2
5555478 
Bumps [yaml](https://github.com/eemeli/yaml) from 2.6.0 to 2.8.2.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v2.6.0...v2.8.2)

---
updated-dependencies:
- dependency-name: yaml
  dependency-version: 2.8.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/yaml-2.8.2 branch from 7c24934 to 5555478 Compare February 11, 2026 16:07
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Feb 16, 2026

Looks like yaml is up-to-date now, so this is no longer needed.

@dependabot dependabot bot closed this Feb 16, 2026
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/yaml-2.8.2 branch February 16, 2026 19:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gbockus-sf gbockus-sf Awaiting requested review from gbockus-sf gbockus-sf is a code owner automatically assigned from forcedotcom/ide-experience

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants