Skip to content

Update dependency js-yaml to v4.3.0 - autoclosed#3050

Closed
gardener-ci-robot wants to merge 1 commit into
masterfrom
renovate/js-yaml-4.x-lockfile
Closed

Update dependency js-yaml to v4.3.0 - autoclosed#3050
gardener-ci-robot wants to merge 1 commit into
masterfrom
renovate/js-yaml-4.x-lockfile

Conversation

@gardener-ci-robot

@gardener-ci-robot gardener-ci-robot commented Jun 29, 2026

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Change Age Confidence
js-yaml 4.2.04.3.0 age confidence

Release Notes

nodeca/js-yaml (js-yaml)

v4.3.0

Compare Source

Security
  • Backported maxTotalMergeKeys option.

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

@gardener-ci-robot gardener-ci-robot added the kind/enhancement Enhancement, improvement, extension label Jun 29, 2026
@gardener-ci-robot gardener-ci-robot requested a review from grolu as a code owner June 29, 2026 22:30
@gardener-ci-robot gardener-ci-robot added kind/enhancement Enhancement, improvement, extension renovate labels Jun 29, 2026
@gardener-prow

gardener-prow Bot commented Jun 29, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign petersutter for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@gardener-prow gardener-prow Bot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Jun 29, 2026
@coderabbitai

coderabbitai Bot commented Jun 29, 2026

Copy link
Copy Markdown

Review Change Stack

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: b4e75717-9ed4-42ef-b28d-cba92fcb2d2b

📥 Commits

Reviewing files that changed from the base of the PR and between de68306 and d013c2f.

⛔ Files ignored due to path filters (1)
  • yarn.lock is excluded by !**/yarn.lock, !**/*.lock
📒 Files selected for processing (1)
  • .pnp.cjs

📝 Walkthrough

Walkthrough

The .pnp.cjs Yarn PnP lockfile is updated to replace all references to js-yaml@4.2.0 with js-yaml@4.3.0, including eight dependent packageDependencies entries and the canonical cached package descriptor block with its artifact path.

js-yaml dependency bump

Layer / File(s) Summary
js-yaml 4.2.0 → 4.3.0 in PnP graph
.pnp.cjs
All packageDependencies entries referencing js-yaml npm:4.2.0 are updated to npm:4.3.0, and the cached package block is updated to the 4.3.0 artifact path.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested reviewers

  • grolu
  • holgerkoser
  • klocke-io

Poem

🐇 A hop, a skip, a version bump,
From four-two to four-three we jump!
The yaml flows through the PnP tree,
Each dependency updated with glee.
Little rabbit stamps the lockfile done~ 🌿

🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Title check ✅ Passed The title accurately and concisely summarizes the main change: updating js-yaml to v4.3.0.
Description check ✅ Passed The description is mostly complete with an update table, release notes, and configuration details, though some template fields are not filled in.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.
✨ Finishing Touches
📝 Generate docstrings
  • Create stacked PR
  • Commit on current branch
🧪 Generate unit tests (beta)
  • Create PR with unit tests
  • Commit unit tests in branch renovate/js-yaml-4.x-lockfile

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands.

@gardener-prow gardener-prow Bot added cla: no Indicates the PR's author has not signed the cla-assistant.io CLA. cla: yes Indicates the PR's author has signed the cla-assistant.io CLA. needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. and removed cla: no Indicates the PR's author has not signed the cla-assistant.io CLA. labels Jun 29, 2026
@gardener-prow

gardener-prow Bot commented Jun 30, 2026

Copy link
Copy Markdown

PR needs rebase.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@gardener-ci-robot gardener-ci-robot changed the title Update dependency js-yaml to v4.3.0 Update dependency js-yaml to v4.3.0 - autoclosed Jun 30, 2026
@gardener-ci-robot gardener-ci-robot deleted the renovate/js-yaml-4.x-lockfile branch June 30, 2026 08:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

cla: yes Indicates the PR's author has signed the cla-assistant.io CLA. kind/enhancement Enhancement, improvement, extension needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. renovate size/S Denotes a PR that changes 10-29 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant