Skip to content
This repository was archived by the owner on Dec 11, 2025. It is now read-only.

chore: add js-yaml package to dependencies and update yarn.lock#65

Merged
dragos199993 merged 1 commit into
mainfrom
ENG-4013_medium-vulnerabilities-fixes
Nov 20, 2025
Merged

chore: add js-yaml package to dependencies and update yarn.lock#65
dragos199993 merged 1 commit into
mainfrom
ENG-4013_medium-vulnerabilities-fixes

Conversation

@dragos199993

@dragos199993 dragos199993 commented Nov 20, 2025

Copy link
Copy Markdown
Member

Note

Pins js-yaml to 4.1.1 via resolutions and updates yarn.lock to dedupe js-yaml and remove legacy transitive deps.

  • Dependencies:
    • Add js-yaml resolution at 4.1.1 in package.json.
  • Lockfile:
    • Update yarn.lock to resolve all js-yaml ranges to 4.1.1.
    • Remove legacy transitive entries tied to older js-yaml (e.g., argparse@^1, esprima, sprintf-js).

Written by Cursor Bugbot for commit 58e2399. Configure here.

@cursor cursor Bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Comment @cursor review or bugbot run to trigger another review on this PR

Comment thread package.json
Comment thread yarn.lock
@dragos199993 dragos199993 merged commit 07ae77e into main Nov 20, 2025
4 checks passed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants