Skip to content

chore: update js-yaml to v3.14.2 #874

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
amareshsm merged 1 commit into from
Dec 17, 2025
Merged

chore: update js-yaml to v3.14.2 #874

amareshsm merged 1 commit into from
Dec 17, 2025

Conversation

@lumirlumir
Copy link
Member

@lumirlumir lumirlumir commented Dec 16, 2025

Prerequisites checklist

What is the purpose of this pull request?

This PR was motivated by #843.

In this PR, I've updated js-yaml to v3.14.2 to address security vulnerabilities in [email protected].

v3.14.2 includes a backported bug fix that resolves the security issue without requiring an upgrade to v4.

Ref: https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md#3142---2025-11-15

What changes did you make? (Give an overview)

In this PR, I've updated js-yaml to v3.14.2 to address security vulnerabilities in [email protected].

Related Issues

Ref: #843

Is there anything you'd like reviewers to focus on?

N/A

@github-project-automation github-project-automation bot moved this to Needs Triage in Triage Dec 16, 2025
@netlify
Copy link

netlify bot commented Dec 16, 2025
edited
Loading

Deploy Preview for hi-eslint ready!

Name Link
🔨 Latest commit 7268aca
🔍 Latest deploy log https://app.netlify.com/projects/hi-eslint/deploys/6941284a82bfc4000815ef77
😎 Deploy Preview https://deploy-preview-874--hi-eslint.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify
Copy link

netlify bot commented Dec 16, 2025
edited
Loading

Deploy Preview for es-eslint ready!

Name Link
🔨 Latest commit 7268aca
🔍 Latest deploy log https://app.netlify.com/projects/es-eslint/deploys/6941284ab9286400088e9611
😎 Deploy Preview https://deploy-preview-874--es-eslint.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@lumirlumir lumirlumir mentioned this pull request Dec 16, 2025
Closed
1 task
@netlify
Copy link

netlify bot commented Dec 16, 2025
edited
Loading

Deploy Preview for ja-eslint ready!

Name Link
🔨 Latest commit 7268aca
🔍 Latest deploy log https://app.netlify.com/projects/ja-eslint/deploys/6941284a206ccf0008960ad9
😎 Deploy Preview https://deploy-preview-874--ja-eslint.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify
Copy link

netlify bot commented Dec 16, 2025
edited
Loading

Deploy Preview for zh-hans-eslint ready!

Name Link
🔨 Latest commit 7268aca
🔍 Latest deploy log https://app.netlify.com/projects/zh-hans-eslint/deploys/6941284a093a37000833ebca
😎 Deploy Preview https://deploy-preview-874--zh-hans-eslint.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@lumirlumir lumirlumir marked this pull request as ready for review December 16, 2025 09:38
@netlify
Copy link

netlify bot commented Dec 16, 2025
edited
Loading

Deploy Preview for fr-eslint ready!

Name Link
🔨 Latest commit 7268aca
🔍 Latest deploy log https://app.netlify.com/projects/fr-eslint/deploys/6941284a94d50b0008514c16
😎 Deploy Preview https://deploy-preview-874--fr-eslint.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

Copilot AI review requested due to automatic review settings December 16, 2025 09:38
@netlify
Copy link

netlify bot commented Dec 16, 2025
edited
Loading

Deploy Preview for pt-br-eslint ready!

Name Link
🔨 Latest commit 7268aca
🔍 Latest deploy log https://app.netlify.com/projects/pt-br-eslint/deploys/6941284adea3440008091845
😎 Deploy Preview https://deploy-preview-874--pt-br-eslint.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify
Copy link

netlify bot commented Dec 16, 2025
edited
Loading

Deploy Preview for de-eslint ready!

Name Link
🔨 Latest commit 7268aca
🔍 Latest deploy log https://app.netlify.com/projects/de-eslint/deploys/6941284abeb3fe0008a53734
😎 Deploy Preview https://deploy-preview-874--de-eslint.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@netlify
Copy link

netlify bot commented Dec 16, 2025
edited
Loading

Deploy Preview for new-eslint ready!

Name Link
🔨 Latest commit 7268aca
🔍 Latest deploy log https://app.netlify.com/projects/new-eslint/deploys/6941284aa7c8590008ff3d52
😎 Deploy Preview https://deploy-preview-874--new-eslint.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@lumirlumir lumirlumir requested a review from a team December 16, 2025 09:40
Copilot AI reviewed Dec 16, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR updates the js-yaml dependency from version 3.14.1 to 3.14.2 to address security vulnerabilities. The update uses v3.14.2, which includes a backported bug fix that resolves the security issue without requiring an upgrade to v4.

Key Changes:

  • Updated js-yaml dependency version to ^3.14.2 in both package.json and package-lock.json
  • Updated package-lock.json with new integrity hash and added license field

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File Description
package.json Updated js-yaml dependency version from ^3.14.1 to ^3.14.2
package-lock.json Updated locked version, resolved URL, integrity hash for js-yaml, and added license field

The changes are straightforward and consistent across both files. The version bump is a patch-level update that should not introduce breaking changes, making it a safe security update.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

amareshsm
amareshsm approved these changes Dec 16, 2025
View reviewed changes
Copy link
Member

@amareshsm amareshsm left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@amareshsm amareshsm merged commit 274b64d into main Dec 17, 2025
43 checks passed
@amareshsm amareshsm deleted the chore-update-js-yaml branch December 17, 2025 02:40
@github-project-automation github-project-automation bot moved this from Needs Triage to Complete in Triage Dec 17, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@amareshsm amareshsm amareshsm approved these changes

Assignees

No one assigned

Labels

accepted chore

Projects

Triage
Status: Complete

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lumirlumir @amareshsm