Skip to content

build(deps): bump yaml and lint-staged#404

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-862f68855e
Open

build(deps): bump yaml and lint-staged#404
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/multi-862f68855e

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2026

Bumps yaml to 2.8.3 and updates ancestor dependency lint-staged. These dependencies need to be updated together.

Updates yaml from 2.5.0 to 2.8.3

Release notes

Sourced from yaml's releases.

v2.8.3

  • Add trailingComma ToString option for multiline flow formatting (#670)
  • Catch stack overflow during node composition (1e84ebb)

v2.8.2

  • Serialize -0 as -0 (#638)
  • Do not double newlines for empty map values (#642)

v2.8.1

  • Preserve empty block literals (#634)

v2.8.0

  • Add node cache for faster alias resolution (#612)
  • Re-introduce compatibility with Node.js 14.6 (#614)
  • Add --merge option to CLI tool (#611)
  • Improve error for tag resolution error on null value (#616)
  • Allow empty string as plain scalar representation, for failsafe schema (#616)
  • docs: include cli example (#617)

v2.7.1

  • Do not allow seq with single-line collection value on same line with map key (#603)
  • Improve warning & avoid TypeError on bad YAML 1.1 nodes (#610)

v2.7.0

The library is now available on JSR as @​eemeli/yaml and on deno.land/x as yaml. In addition to Node.js and browsers, it should work in Deno, Bun, and Cloudflare Workers.

  • Use .ts extension in all relative imports (#591)
  • Ignore newline after block seq indicator as space before value (#590)
  • Require Node.js 14.18 or later (was 14.6) (#598)

v2.6.1

  • Do not strip :00 seconds from !!timestamp values (#578, with thanks to @​qraynaud)
  • Tighten regexp for JSON !!bool (#587, with thanks to @​vra5107)
  • Default to literal block scalar if folded would overflow (#585)

v2.6.0

  • Use a proper tag for !!merge << keys (#580)
  • Add stringKeys parse option (#581)
  • Stringify a Document as a Document (#576)
  • Add sponsorship by Manifest

v2.5.1

  • Include range in flow sequence pair maps (#573)
Commits
  • ce14587 2.8.3
  • 1e84ebb fix: Catch stack overflow during node composition
  • 6b24090 ci: Include Prettier check in lint action
  • 9424dee chore: Refresh lockfile
  • d1aca82 Add trailingComma ToString option for multiline flow formatting (#670)
  • 4321509 ci: Drop the branch filter from GitHub PR actions
  • 47207d0 chore: Update docs-slate
  • 5212fae chore: Update docs-slate
  • 086fa6b 2.8.2
  • 95f01e9 chore: Add funding to package.json
  • Additional commits viewable in compare view

Updates lint-staged from 15.2.9 to 15.5.2

Release notes

Sourced from lint-staged's releases.

v15.5.2

Patch Changes

v15.5.1

Patch Changes

  • #1533 5d53534 Thanks @​iiroj! - Improve listing of staged files so that lint-staged doesn't crash when encountering an uninitialized submodule. This should result in less errors like:

    ✖ Failed to get staged files!

v15.5.0

Minor Changes

  • #1526 630af5f Thanks @​iiroj! - Lint-staged no longer resets to the original state when preventing an empty git commit. This happens when your configured tasks reset all the staged changes, typically when trying to commit formatting changes which conflict with your linter setup like ESLint or Prettier.

    Example with Prettier

    By default Prettier prefers double quotes.

    Previously

    1. Stage file.js with only double quotes " changed to '
    2. Run git commit -am "I don't like double quotes"
    3. Lint-staged runs prettier --write file.js, converting all the ' back to "
    4. Because there are now no changes, lint-staged fails, cancels the commit, and resets back to the original state
    5. Commit was not done, original state is restored and single quotes ' are staged

    Now

    1. Stage file.js with only double-quotes " changed to '
    2. Run git commit -am "I don't like double quotes"
    3. Lint-staged runs prettier --write file.js, converting all the ' back to "
    4. Because there are now no changes, lint-staged fails and cancels the commit
    5. Commit was not done, and there are no staged changes

v15.4.3

Patch Changes

  • #1512 cbfed1d Thanks @​tarik02! - Adjust TypeScript types for the default export so that it can be used as a value without error TS2693.

v15.4.2

Patch Changes

  • #1509 8827ebf Thanks @​iiroj! - Change lint-staged's dependencies to use caret (^) ranges instead of tilde (~). This makes it easier for package managers to perform dependency management when minor-level updates are also permitted instead of just patch-level.

v15.4.1

Patch Changes

... (truncated)

Changelog

Sourced from lint-staged's changelog.

15.5.2

Patch Changes

15.5.1

Patch Changes

  • #1533 5d53534 Thanks @​iiroj! - Improve listing of staged files so that lint-staged doesn't crash when encountering an uninitialized submodule. This should result in less errors like:

    ✖ Failed to get staged files!

15.5.0

Minor Changes

  • #1526 630af5f Thanks @​iiroj! - Lint-staged no longer resets to the original state when preventing an empty git commit. This happens when your configured tasks reset all the staged changes, typically when trying to commit formatting changes which conflict with your linter setup like ESLint or Prettier.

    Example with Prettier

    By default Prettier prefers double quotes.

    Previously

    1. Stage file.js with only double quotes " changed to '
    2. Run git commit -am "I don't like double quotes"
    3. Lint-staged runs prettier --write file.js, converting all the ' back to "
    4. Because there are now no changes, lint-staged fails, cancels the commit, and resets back to the original state
    5. Commit was not done, original state is restored and single quotes ' are staged

    Now

    1. Stage file.js with only double-quotes " changed to '
    2. Run git commit -am "I don't like double quotes"
    3. Lint-staged runs prettier --write file.js, converting all the ' back to "
    4. Because there are now no changes, lint-staged fails and cancels the commit
    5. Commit was not done, and there are no staged changes

15.4.3

Patch Changes

  • #1512 cbfed1d Thanks @​tarik02! - Adjust TypeScript types for the default export so that it can be used as a value without error TS2693.

15.4.2

Patch Changes

... (truncated)

Commits
  • 8e91302 chore(changeset): release
  • 64148fd Merge pull request #1545 from lint-staged/revert-v16-changes
  • 46f47b2 Revert "build(deps): update dependencies"
  • 9472af9 Revert "build(execa): upgrade execa@9.5.2, require Node.js ^18.19.0 || >=20.5.0"
  • 9e17c9c Revert "chore: remove validation of deprecated advanced config options"
  • 6fda79a Revert "feat: remove --shell flag support"
  • e1ea676 Revert "feat: replace execa with nano-spawn"
  • 5561321 fix: handle colon characters in staged filenames (#1544)
  • dcc9a51 feat: replace execa with nano-spawn
  • 2fa909d feat: remove --shell flag support
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
build(deps): bump yaml and lint-staged
7559eaf 
Bumps [yaml](https://github.com/eemeli/yaml) to 2.8.3 and updates ancestor dependency [lint-staged](https://github.com/lint-staged/lint-staged). These dependencies need to be updated together.


Updates `yaml` from 2.5.0 to 2.8.3
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v2.5.0...v2.8.3)

Updates `lint-staged` from 15.2.9 to 15.5.2
- [Release notes](https://github.com/lint-staged/lint-staged/releases)
- [Changelog](https://github.com/lint-staged/lint-staged/blob/main/CHANGELOG.md)
- [Commits](lint-staged/lint-staged@v15.2.9...v15.5.2)

---
updated-dependencies:
- dependency-name: yaml
  dependency-version: 2.8.3
  dependency-type: indirect
- dependency-name: lint-staged
  dependency-version: 15.5.2
  dependency-type: direct:development
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Mar 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants