Skip to content

Bump yaml from 1.10.2 to 1.10.3#1695

Merged
tonidero merged 2 commits into
mainfrom
dependabot/npm_and_yarn/yaml-1.10.3
Mar 26, 2026
Merged

Bump yaml from 1.10.2 to 1.10.3#1695
tonidero merged 2 commits into
mainfrom
dependabot/npm_and_yarn/yaml-1.10.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Mar 25, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps yaml from 1.10.2 to 1.10.3.

Commits
  • cfe8f04 1.10.3
  • 7abcf45 fix: Catch stack overflow during CST composition
  • a0252f8 chore: Add rules avoiding processing of tests/json-test-suite
  • a5e83b0 style: Apply updates Prettier rules
  • b8ddca0 chore: Refresh lockfile
  • 395f892 ci: Use a different (working) submodule checkout
  • 6fd2720 test-events: Add {} and [] indicators to flow maps & sequences
  • See full diff in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code labels Mar 25, 2026
@dependabot dependabot Bot requested a review from a team as a code owner March 25, 2026 20:27
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/yaml-1.10.3 branch from 49a020f to 4c9d258 Compare March 26, 2026 07:27
@dependabot
Bump yaml from 1.10.2 to 1.10.3
ffb9574 
Bumps [yaml](https://github.com/eemeli/yaml) from 1.10.2 to 1.10.3.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v1.10.2...v1.10.3)

---
updated-dependencies:
- dependency-name: yaml
  dependency-version: 1.10.3
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/yaml-1.10.3 branch from 4c9d258 to ffb9574 Compare March 26, 2026 07:36
@tonidero tonidero enabled auto-merge (squash) March 26, 2026 07:37
@tonidero tonidero merged commit 00344b9 into main Mar 26, 2026
8 checks passed
@tonidero tonidero deleted the dependabot/npm_and_yarn/yaml-1.10.3 branch March 26, 2026 07:54
@RCGitBot RCGitBot mentioned this pull request Mar 27, 2026
Merged
RCGitBot added a commit that referenced this pull request Mar 27, 2026
@RCGitBot
[AUTOMATIC] Release/9.15.0 (#1701)
0a7c6d0 
**This is an automatic release.**

## RevenueCat SDK
### ✨ New Features
* CustomerCenter: Adds onPromotionalOfferSucceeded callback, bump
purchases-hybrid-common to 17.53.0 (#1684) via RevenueCat Git Bot
(@RCGitBot)
* [Android
9.27.0](https://github.com/RevenueCat/purchases-android/releases/tag/9.27.0)
* [iOS
5.66.0](https://github.com/RevenueCat/purchases-ios/releases/tag/5.66.0)
### 📦 Dependency Updates
* [RENOVATE] Update dependency gradle to v9.4.1 (#1688) via RevenueCat
Git Bot (@RCGitBot)

### 🔄 Other Changes
* Bump node-forge from 1.3.3 to 1.4.0 (#1700) via dependabot[bot]
(@dependabot[bot])
* Bump fastlane-plugin-revenuecat_internal from `9a6911b` to `f11fe40`
(#1699) via dependabot[bot] (@dependabot[bot])
* Bump yaml from 1.10.2 to 1.10.3 (#1695) via dependabot[bot]
(@dependabot[bot])
* Bump yaml from 2.8.2 to 2.8.3 in /examples/MagicWeather (#1698) via
dependabot[bot] (@dependabot[bot])
* Bump picomatch from 2.3.1 to 2.3.2 (#1697) via dependabot[bot]
(@dependabot[bot])
* Bump picomatch from 2.3.1 to 2.3.2 in /examples/MagicWeather (#1696)
via dependabot[bot] (@dependabot[bot])
* Bump activesupport from 7.2.2.1 to 7.2.3.1 in
/examples/purchaseTesterTypescript (#1693) via dependabot[bot]
(@dependabot[bot])
* Bump fast-xml-parser from 4.5.4 to 4.5.5 in /examples/MagicWeather
(#1692) via dependabot[bot] (@dependabot[bot])
* security: pin GitHub Actions to SHA hashes (#1691) via Alfonso
Embid-Desmet (@alfondotnet)
* Bump activesupport from 7.2.2.2 to 7.2.3.1 (#1690) via dependabot[bot]
(@dependabot[bot])
* Bump activesupport from 7.2.2.1 to 7.2.3.1 in /examples/MagicWeather
(#1689) via dependabot[bot] (@dependabot[bot])
* Merge release PR after deploy (#1686) via Antonio Pallares
(@ajpallares)
* Require PR approval before release tagging (#1685) via Antonio
Pallares (@ajpallares)
* Bump flatted from 3.3.3 to 3.4.2 in /examples/MagicWeather (#1687) via
dependabot[bot] (@dependabot[bot])
* Bump json from 2.18.1 to 2.19.2 (#1683) via dependabot[bot]
(@dependabot[bot])

---------

Co-authored-by: RevenueCat CI <dev+ci@revenuecat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tonidero tonidero tonidero approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update Javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@tonidero