Skip to content

chore(deps): bump yaml from 2.8.3 to 2.8.4#16

Merged
reaatech merged 2 commits into
mainfrom
dependabot/npm_and_yarn/yaml-2.8.4
May 17, 2026
Merged

chore(deps): bump yaml from 2.8.3 to 2.8.4#16
reaatech merged 2 commits into
mainfrom
dependabot/npm_and_yarn/yaml-2.8.4

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 4, 2026
edited
Loading

Bumps yaml from 2.8.3 to 2.8.4.

Release notes

Sourced from yaml's releases.

v2.8.4

  • Disable alias resolution with maxAliasCount:0 (#677)
  • Handle invalid unicode escapes (e1a1a77)
  • Apply minFractionDigits only to decimal strings (#676)
Commits

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 4, 2026

Labels

The following labels could not be found: dependabot, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 4, 2026

Agent Evaluation Results

Overall Score: 98.0%
Pass Rate: 100.0%
Trajectories: 2

Generated by agent-eval-harness

@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/yaml-2.8.4 branch from b2a142c to 720a5ce Compare May 17, 2026 01:51
@reaatech reaatech force-pushed the dependabot/npm_and_yarn/yaml-2.8.4 branch from 720a5ce to 1d4fb57 Compare May 17, 2026 02:40
@dependabot @reaatech
chore(deps): bump yaml from 2.8.3 to 2.8.4
4e4a447 
Bumps [yaml](https://github.com/eemeli/yaml) from 2.8.3 to 2.8.4.
- [Release notes](https://github.com/eemeli/yaml/releases)
- [Commits](eemeli/yaml@v2.8.3...v2.8.4)

---
updated-dependencies:
- dependency-name: yaml
  dependency-version: 2.8.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@reaatech reaatech force-pushed the dependabot/npm_and_yarn/yaml-2.8.4 branch from 1d4fb57 to 4e4a447 Compare May 17, 2026 05:26
@reaatech
fix(deps): adapt callers to yaml from 2.8.3 to 2.8.4
09e234d 
Replace deprecated resourceFromAttributes() with new Resource() constructor
in @opentelemetry/resources 2.x, which was transitively resolved by the yaml
bump's lockfile regeneration. Typecheck and full test suite pass.
@reaatech reaatech merged commit 0ed5738 into main May 17, 2026
@reaatech reaatech deleted the dependabot/npm_and_yarn/yaml-2.8.4 branch May 17, 2026 05:32
@reaatech
Copy link
Copy Markdown
Owner

reaatech commented May 17, 2026

✅ Dependabot PR Merged

  • Bump: yaml from 2.8.3 → 2.8.4
  • Attempts to fix CI: 1
  • Merge: 0ed5738

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@reaatech