Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Snyk] Upgrade yaml from 1.10.2 to 2.1.1 #4

Open
wants to merge 1 commit into
base: latest
Choose a base branch
from
Open

[Snyk] Upgrade yaml from 1.10.2 to 2.1.1 #4

wants to merge 1 commit into from

Conversation

snyk-bot
Copy link

Snyk has created this PR to upgrade yaml from 1.10.2 to 2.1.1.

merge advice
ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Warning: This is a major version upgrade, and may be a breaking change.

  • The recommended version is 16 versions ahead of your current version.
  • The recommended version was released 23 days ago, on 2022-05-29.
Release notes
Package name: yaml
  • 2.1.1 - 2022-05-29

    No changes in executable code, only TS types.

    • Revert "Use TS named tuple for range (#385)" -- see #393
    • Fix types for compatibility with TS 4.2 and 4.7
    • Add CI workflow for testing published type in a range of TS versions
  • 2.1.0 - 2022-05-14

    Fixes for TypeScript users. Arguably this could've been a patch release as well.

    • Improve/specify/fix TS types for Document & collection access methods (#383)
    • Use TS named tuple for range (#385)
    • Rename internal Document option as _directives to resolve type conflict with ToString options (#389)
    • Update tsc target to ES2020 to match Node.js support
    • Update dev dependencies, including jest 28
  • 2.0.1 - 2022-04-15
    • Fix tags and anchors on map keys (#378)
  • 2.0.0 - 2022-04-06
    Read more
  • 2.0.0-11 - 2022-03-22

    This version of yaml has been published to npm using the next dist-tag, so install it with:

    npm install --save-exact yaml@next

    BREAKING CHANGES

    YAML.defaultOptions is removed (#346)

    For a while, it's been undocumented, but still available. Since the options refactor of #235, it has only provided defaults for Parse & Document options, and not any of the others, so its name is a bit misleading as well.

    If you're using YAML.defaultOptions, you'll need to explicitly set the options in the appropriate parse*() and new Document() calls after this change.

    directives.marker is renamed as directives.docStart (#371)

    The behaviour of the property stays the same as before.

    New Features

    • Add warning for aliases & anchors ending with a colon (#370)
    • Add directives.docEnd, for ... marker (#371)
    • Add YAML.visitAsync() (#372)

    Bugfixes

    • Flow collection keys in block maps (redhat-developer/vscode-yaml#712)
    • Error on %YAML directives with content after version (#348)
    • Use correct check for empty null source (#366)
    • Do not throw during composition, even for bad tokens (#367)
    • Error on invalid %YAML directives
    • Empty block scalars with chomp=keep & trailing whitespace
    • Parse ? : x as { ? { : x } }
    • Do not consider tabs as indent for flow collections
    • Include trailing more-indented empty lines in block scalar contents
    • Should complain about -, and -] in flow collections
    • Update dev dependencies, including @ types/node downgrade

    Test Improvements

    • Update yaml-test-suite, skipping some new tests
    • Don't needlessly skip yaml-test-suite B63P test
    • test-events: Do not skip events for only apparently empty documents
    • yaml-test-suite: Skip in.json tests when expecting errors
  • 2.0.0-10 - 2021-12-31

    This version of yaml has been published to npm using the next dist-tag, so install it with:

    npm install --save-exact yaml@next

    BREAKING CHANGES

    • The TS type of doc.directives now indicates it as optional. Its actual value has not changed, but the type needs to account for what might happen if doc.setSchema() is called with a null version argument. (#344)

    New Features

    Add a compatibility checker (#335)

    Adds a new schema option compat: string | Tags. If set, warns during composition about compatibility issues with the given schema. When stringifying, uses scalar styles that are parsed correctly by the compat schema as well as the actual schema.

    Support for Non-YAML Schemas

    While YAML is a superset of JSON, it isn't a strict superset of other JSON-based configuration languages. Feature-wise, though, these languages are as a rule a subset of YAML features, so let's build some groundwork for supporting them as well by making additional aspects of this library configurable.

    • Add commentString option, refactor internals to support it (#336)
    • Add toStringDefaults option (#337)
    • Add collectionStyle option (#343)
    • Allow for Schema instance as schema option (#344)

    Test Improvements

    • Add json-test-suite as git submodule (#340)
    • Update to latest yaml-test-suite data
    • Add {} and [] indicators to flow maps & sequences in test-events output (used by the YAML Test Matrix)
    • Use --target es5 in test:dist:types script (#334)

    Bugfixes

    • Allow for custom schemas in TS types (#325)
    • Flow collection expected-end error (#328)
    • parser: flow-error-end token should not advance offset
    • Handle duplicate flow : indicators correctly
    • Correctly stringify non-finite scalars with format: 'EXP'
    • Allow block map with flow collection key as explicit key
    • Do not use negative indent for any parser tokens
  • 2.0.0-9 - 2021-11-13

    This version of yaml has been published to npm using the next dist-tag, so install it with:

    npm install --save-exact yaml@next

    Hopefully the breaking change for singleQuote: false won't cause anyone issues. Otherwise, small improvements only.

    BREAKING CHANGES

    Allow disabling single & block quotes completely (#326)

    The options for representing scalar values are refactored, such that blockQuote (new) and singleQuote (expanded) allow setting a preference as well as preventing said styles from being used at all. This changes how singleQuote: false is handled. To retain the previous behaviour, use singleQuote: null or leave the option unset.

    New Features

    • Add keepSoureToken parse option, adding srcToken values to Nodes (#309)
    • Allow for custom schema id, provided that customTags is defined (#325)
    • Expose tags & types required by custom composers (#325)

    Bugfixes

    • cst: Specify resolveAsScalar return type
    • lexer: Reset flow-key flag on comma in flow collection (#316)
    • lexer: Allow unindented comment in flow collection
    • Support seq-of-maps merge key values (#321)
    • compose: Indent level of empty block scalars with keep chomping (#313)
    • Honor singleQuote option more widely
    • Get rid of extra whitespace around empty map values
    • Drop ...expansion from public TS interfaces (#334)
  • 2.0.0-8 - 2021-09-06

    This version of yaml has been published to npm using the next dist-tag, so install it with:

    npm install --save-exact yaml@next

    This release doesn't really do anything major, it's really just an accumulation of small things over the past few weeks.

    New Features

    • Add a new createNode option aliasDuplicateObjects (#299)
    • Add clone() methods to Document, Directives, Schema and all Nodes (#304)

    Bugfixes

    • lexer: Cache line end positions (#298)
    • Handle doc.createNode(doc) the same as doc.createNode(doc.contents) (#303)
    • Allow for collection setIn() to handle objects, including duplicates
    • Fix parsing errors with CRLF line endings (#306, #307)
  • 2.0.0-7 - 2021-07-17

    This version of yaml has been published to npm using the next dist-tag, so install it with:

    npm install --save-exact yaml@next

    This release doesn't really do anything major, it's really just an accumulation of small things over the past few weeks. Thanks in particular to @ ingydotnet for his continuing help in finding corner cases of invalid input being parsed as valid.

    New Features

    • Support immediate map values for << merge keys, in addition to alias values

    Bugfixes

    • Anchors for duplicate objects that stringify as strings (#287)
    • Complain about empty aliases & anchors
    • Do not throw for "%" as document
    • Complain about plain scalars starting with , or %
    • Use correct character set for tags
  • 2.0.0-6 - 2021-06-14
    Read more
  • 2.0.0-5 - 2021-04-18
  • 2.0.0-4 - 2021-03-13
  • 2.0.0-3 - 2021-01-31
  • 2.0.0-2 - 2021-01-31
  • 2.0.0-1 - 2020-10-05
  • 2.0.0-0 - 2020-08-23
  • 1.10.2 - 2021-03-13
from yaml GitHub release notes
Commit messages
Package name: yaml

Compare

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Filename containing 'history' published besides not in whitelist
1 participant
@snyk-bot