Every type now has options property with original arguments kept as they were
(see yaml.types.int.options as an example).
Changed
Schema.extend() now keeps old type order in case of conflicts
(e.g. Schema.extend([ a, b, c ]).extend([ b, a, d ]) is now ordered as abcd instead of cbad).
[4.0.0] - 2021-01-03
Changed
Check migration guide to see details for all breaking changes.
Breaking: "unsafe" tags !!js/function, !!js/regexp, !!js/undefined are
moved to js-yaml-js-types package.
Breaking: removed safe* functions. Use load, loadAll, dump
instead which are all now safe by default.
yaml.DEFAULT_SAFE_SCHEMA and yaml.DEFAULT_FULL_SCHEMA are removed, use
yaml.DEFAULT_SCHEMA instead.
yaml.Schema.create(schema, tags) is removed, use schema.extend(tags) instead.
!!binary now always mapped to Uint8Array on load.
Reduced nesting of /lib folder.
Parse numbers according to YAML 1.2 instead of YAML 1.1 (01234 is now decimal,
0o1234 is octal, 1:23 is parsed as string instead of base60).
dump() no longer quotes :, [, ], (, ) except when necessary, #470, #557.
Line and column in exceptions are now formatted as (X:Y) instead of
at line X, column Y (also present in compact format), #332.
Code snippet created in exceptions now contains multiple lines with line numbers.
dump() now serializes undefined as null in collections and removes keys with
undefined in mappings, #571.
dump() with skipInvalid=true now serializes invalid items in collections as null.
Custom tags starting with ! are now dumped as !tag instead of !<!tag>, #576.
Custom tags starting with tag:yaml.org,2002: are now shorthanded using !!, #258.
Added
Added .mjs (es modules) support.
Added quotingType and forceQuotes options for dumper to configure
string literal style, #290, #529.
Added styles: { '!!null': 'empty' } option for dumper
(serializes { foo: null } as "foo: "), #570.
Added replacer option (similar to option in JSON.stringify), #339.
Custom Tag can now handle all tags or multiple tags with the same prefix, #385.
Fixed
Astral characters are no longer encoded by dump(), #587.
"duplicate mapping key" exception now points at the correct column, #452.
Extra commas in flow collections (e.g. [foo,,bar]) now throw an exception
instead of producing null, #321.
__proto__ key no longer overrides object prototype, #164.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
- `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme
Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com):
- Update frequency (including time of day and day of week)
- Pull request limits (per update run and/or open at any time)
- Out-of-range updates (receive only lockfile updates, if desired)
- Security updates (receive only security updates, if desired)
Bumps js-yaml from 3.14.0 to 4.1.0.
Changelog
Sourced from js-yaml's changelog.
... (truncated)
Commits
2cef47b4.1.0 released810b149dist rebuild2b5620eExport built-in types, type override now preserves orderab31bbadoc: clarifylineWidthdump options (#612)ee74ce44.0.0 releaseda44bb7cdist rebuildaee620aThrow an error if block sequence/mapping indent contains a tabf0f205bFix parsing of invalid block mappingse8cf6f6Fix error with anchor not being assigned to an empty nodea583097Shorthand tags with !! whenever possibleDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired)