berry icon indicating copy to clipboard operation
berry copied to clipboard
verified publisher icon yarnpkg

feat: bump `js-yaml` to v4

Open JounQin opened this issue 9 months ago • 3 comments

By the way, https://www.npmjs.com/package/yaml is more spec compliant

https://github.com/orgs/remarkjs/discussions/1006#discussioncomment-2955255

Friendly ping @arcanis

What's the problem this PR addresses?

As title

How did you fix it?

As title

Checklist

  • [x] I have set the packages that need to be released for my changes to be effective.
  • [x] I will check that all automated PR checks pass before the PR gets reviewed.

JounQin avatar Apr 15 '25 02:04 JounQin

Is there a specific bug you think is important? I'm a little wary of applying a major upgrade to a dependency if it already works fine 🤔

arcanis avatar May 18 '25 06:05 arcanis

@arcanis https://github.com/yarnpkg/berry/issues/2297#issuecomment-2803568050

Not sure what's happening although.

JounQin avatar May 18 '25 06:05 JounQin

Might be more relevant now with the CVE

jdalrymple avatar Nov 17 '25 18:11 jdalrymple