Skip to content

chore(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 in /cli-tests#1726

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/cli-tests/js-yaml-4.1.1
Closed

chore(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 in /cli-tests#1726
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/npm_and_yarn/cli-tests/js-yaml-4.1.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Nov 15, 2025
edited
Loading

Bumps js-yaml from 4.1.0 to 4.1.1.

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

  • Fix prototype pollution issue in yaml merge (<<) operator.
Commits

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot Bot added auto-update-base dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Nov 15, 2025
@dependabot dependabot Bot requested a review from a team as a code owner November 15, 2025 21:28
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code auto-update-base labels Nov 15, 2025
@recharte
Copy link
Copy Markdown
Contributor

recharte commented May 4, 2026

@dependabot recreate

@dependabot
chore(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 in /cli-tests
696e891 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.0 to 4.1.1.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@4.1.0...4.1.1)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/cli-tests/js-yaml-4.1.1 branch from c769eb8 to 696e891 Compare May 4, 2026 14:46
@dependabot dependabot Bot requested a review from a team as a code owner May 4, 2026 14:46
@recharte
Copy link
Copy Markdown
Contributor

recharte commented May 4, 2026

@dependabot recreate

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 4, 2026

Looks like js-yaml is up-to-date now, so this is no longer needed.

@dependabot dependabot Bot closed this May 4, 2026
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/cli-tests/js-yaml-4.1.1 branch May 4, 2026 15:36
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@recharte