Changelog
*Sourced from [yarn's changelog](https://github.com/yarnpkg/yarn/blob/v1.17.3/CHANGELOG.md).*
> ## 1.17.3
>
> - Enforces https for the Yarn and npm registries.
>
> [#7393](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7393) - [**Maël Nison**](https://twitter.com/arcanis)
>
> ## 1.17.2
>
> - Adds support for reading `yarnPath` from v2-produced `.yarnrc.yml` files.
>
> [#7350](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7350) - [**Maël Nison**](https://twitter.com/arcanis)
>
> ## 1.17.0
>
> - Adds prereleases flags and prerelease identifier to `yarn version`.
>
> [#7336](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7336) - [**Daniel Seijo**](https://github.com/daniseijo)
>
> - Fixes audits when used with `yarn add` & `yarn upgrade`
>
> [#7326](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7326) - [**David Sanders**](https://github.com/dsanders11)
>
> - Adds support for the `--offline` flag to `yarn global add`
>
> [#7330](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7330) - [**Francis Crick**](https://guthub.com/fcrick)
>
> - Yarn will tolerate Yaml at parse time. Full support isn't ready yet and will only come at the next major.
>
> [#7300](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7300) - [**Maël Nison**](https://twitter.com/arcanis)
>
> - Fixes a bug when using the `link:` protocol with a folder that doesn't contain a `package.json`
>
> [#7337](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7337) - [**Maël Nison**](https://twitter.com/arcanis)
>
> ## 1.16.0
>
> - Retries downloading a package on `yarn install` when we get a ETIMEDOUT error.
>
> [#7163](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7163) - [**Vincent Bailly**](https://github.com/VincentBailly)
>
> - Implements `yarn audit --level [severity]` flag to filter the audit command's output.
>
> [#6716](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/6716) - [**Rogério Vicente**](https://twitter.com/rogeriopvl)
>
> - Implements `yarn audit --groups group_name [group_name ...]`.
>
> [#6724](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/6724) - [**Tom Milligan**](https://github.com/tommilligan)
>
> - Exposes the script environment variables to `yarn create` spawned processes.
>
> ... (truncated)
Commits
- [`2c915bd`](https://github.com/yarnpkg/yarn/commit/2c915bda5f35bb805820c159257d96df23e3e9d8) v1.17.3
- [`f817dc9`](https://github.com/yarnpkg/yarn/commit/f817dc99450ace80532bafa1da9763bb69088037) Updates the changelog
- [`c10ef6a`](https://github.com/yarnpkg/yarn/commit/c10ef6ab60f0bc80f65838d675325f6c17f04f24) Forces using https for the regular registries ([#7393](https://github-redirect.dependabot.com/yarnpkg/yarn/issues/7393))
- [`77c2630`](https://github.com/yarnpkg/yarn/commit/77c2630a60ddca1ff4df559585697b301b283aa3) v1.17.2
- [`30a5ce3`](https://github.com/yarnpkg/yarn/commit/30a5ce31354eb4db95fd7c1fe28bc532db98fefc) Merge remote-tracking branch 'origin/master' into 1.17-stable
- [`6b44fb1`](https://github.com/yarnpkg/yarn/commit/6b44fb17d09f14e37ca6053db79639879c205e51) v1.17.1
- [`0171368`](https://github.com/yarnpkg/yarn/commit/01713684fa5cc6b6d6143ac0bbea2c4f889d5fd8) Gives a higher precedence to yarnrc.yml than yarnrc
- [`11ec1bc`](https://github.com/yarnpkg/yarn/commit/11ec1bc57a5cc81f9b9ba755041d0110e3771b9d) Adds basic support for .yamlrc.yml (yarnPath only, v2) ([#7350](https://github-redirect.dependabot.com/yarnpkg/yarn/issues/7350))
- [`3a1fc9c`](https://github.com/yarnpkg/yarn/commit/3a1fc9c0f719cd9c7aac7a4f7530252f4a1d76e7) 1.18.0-0
- [`ddceddc`](https://github.com/yarnpkg/yarn/commit/ddceddc5a3437fb5eece710293162986ce5cc4d7) v1.17.0
- Additional commits viewable in [compare view](https://github.com/yarnpkg/yarn/compare/v1.13.0...v1.17.3)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/BaltimoreCity/IdeaPortal/network/alerts).
Bumps yarn from 1.13.0 to 1.17.3.
Changelog
*Sourced from [yarn's changelog](https://github.com/yarnpkg/yarn/blob/v1.17.3/CHANGELOG.md).* > ## 1.17.3 > > - Enforces https for the Yarn and npm registries. > > [#7393](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7393) - [**Maël Nison**](https://twitter.com/arcanis) > > ## 1.17.2 > > - Adds support for reading `yarnPath` from v2-produced `.yarnrc.yml` files. > > [#7350](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7350) - [**Maël Nison**](https://twitter.com/arcanis) > > ## 1.17.0 > > - Adds prereleases flags and prerelease identifier to `yarn version`. > > [#7336](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7336) - [**Daniel Seijo**](https://github.com/daniseijo) > > - Fixes audits when used with `yarn add` & `yarn upgrade` > > [#7326](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7326) - [**David Sanders**](https://github.com/dsanders11) > > - Adds support for the `--offline` flag to `yarn global add` > > [#7330](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7330) - [**Francis Crick**](https://guthub.com/fcrick) > > - Yarn will tolerate Yaml at parse time. Full support isn't ready yet and will only come at the next major. > > [#7300](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7300) - [**Maël Nison**](https://twitter.com/arcanis) > > - Fixes a bug when using the `link:` protocol with a folder that doesn't contain a `package.json` > > [#7337](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7337) - [**Maël Nison**](https://twitter.com/arcanis) > > ## 1.16.0 > > - Retries downloading a package on `yarn install` when we get a ETIMEDOUT error. > > [#7163](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/7163) - [**Vincent Bailly**](https://github.com/VincentBailly) > > - Implements `yarn audit --level [severity]` flag to filter the audit command's output. > > [#6716](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/6716) - [**Rogério Vicente**](https://twitter.com/rogeriopvl) > > - Implements `yarn audit --groups group_name [group_name ...]`. > > [#6724](https://github-redirect.dependabot.com/yarnpkg/yarn/pull/6724) - [**Tom Milligan**](https://github.com/tommilligan) > > - Exposes the script environment variables to `yarn create` spawned processes. > > ... (truncated)Commits
- [`2c915bd`](https://github.com/yarnpkg/yarn/commit/2c915bda5f35bb805820c159257d96df23e3e9d8) v1.17.3 - [`f817dc9`](https://github.com/yarnpkg/yarn/commit/f817dc99450ace80532bafa1da9763bb69088037) Updates the changelog - [`c10ef6a`](https://github.com/yarnpkg/yarn/commit/c10ef6ab60f0bc80f65838d675325f6c17f04f24) Forces using https for the regular registries ([#7393](https://github-redirect.dependabot.com/yarnpkg/yarn/issues/7393)) - [`77c2630`](https://github.com/yarnpkg/yarn/commit/77c2630a60ddca1ff4df559585697b301b283aa3) v1.17.2 - [`30a5ce3`](https://github.com/yarnpkg/yarn/commit/30a5ce31354eb4db95fd7c1fe28bc532db98fefc) Merge remote-tracking branch 'origin/master' into 1.17-stable - [`6b44fb1`](https://github.com/yarnpkg/yarn/commit/6b44fb17d09f14e37ca6053db79639879c205e51) v1.17.1 - [`0171368`](https://github.com/yarnpkg/yarn/commit/01713684fa5cc6b6d6143ac0bbea2c4f889d5fd8) Gives a higher precedence to yarnrc.yml than yarnrc - [`11ec1bc`](https://github.com/yarnpkg/yarn/commit/11ec1bc57a5cc81f9b9ba755041d0110e3771b9d) Adds basic support for .yamlrc.yml (yarnPath only, v2) ([#7350](https://github-redirect.dependabot.com/yarnpkg/yarn/issues/7350)) - [`3a1fc9c`](https://github.com/yarnpkg/yarn/commit/3a1fc9c0f719cd9c7aac7a4f7530252f4a1d76e7) 1.18.0-0 - [`ddceddc`](https://github.com/yarnpkg/yarn/commit/ddceddc5a3437fb5eece710293162986ce5cc4d7) v1.17.0 - Additional commits viewable in [compare view](https://github.com/yarnpkg/yarn/compare/v1.13.0...v1.17.3)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/BaltimoreCity/IdeaPortal/network/alerts).