From b29255cf38ab19da1b4907fdaaa1d30611462eca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 24 Jan 2024 14:03:47 +0000 Subject: [PATCH] chore(deps): bump js-yaml from 3.14.1 to 4.1.0 (#5093) Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.1 to 4.1.0. - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodeca/js-yaml/compare/3.14.1...4.1.0) --- updated-dependencies: - dependency-name: js-yaml dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .changeset/five-dots-matter.md | 5 +++++ tools/scripts-config-cdn/cdn.js | 5 +++-- tools/scripts-config-cdn/package.json | 3 ++- yarn.lock | 9 ++++++++- 4 files changed, 18 insertions(+), 4 deletions(-) create mode 100644 .changeset/five-dots-matter.md diff --git a/.changeset/five-dots-matter.md b/.changeset/five-dots-matter.md new file mode 100644 index 00000000000..4a82c3fc65d --- /dev/null +++ b/.changeset/five-dots-matter.md @@ -0,0 +1,5 @@ +--- +'@talend/scripts-config-cdn': minor +--- + +deps: bump js-yaml from 3.x to 4.x diff --git a/tools/scripts-config-cdn/cdn.js b/tools/scripts-config-cdn/cdn.js index 0de8a48cba2..0affad96d93 100644 --- a/tools/scripts-config-cdn/cdn.js +++ b/tools/scripts-config-cdn/cdn.js @@ -15,6 +15,7 @@ const umds = require('./umds.json'); const { download } = require('./utils'); const CDN_URL = 'https://statics-dev.cloud.talend.com'; +let schema = yaml.DEFAULT_SCHEMA.extend(require('js-yaml-js-types').all); function getModuleName(nameandversion, isPnpm = false) { if (isPnpm) { @@ -151,7 +152,7 @@ function getModulesFromLockFile(dir) { try { yarnv1 = lockfile.parse(fs.readFileSync(lockPath, 'utf-8')); } catch (e) { - yarnv3 = yaml.load(fs.readFileSync(lockPath, 'utf-8')); + yarnv3 = yaml.load(fs.readFileSync(lockPath, 'utf-8'), { schema }); // eslint-disable-next-line no-underscore-dangle delete yarnv3.__metadata; } @@ -166,7 +167,7 @@ function getModulesFromLockFile(dir) { }) .map(addLocal); } else if (fs.existsSync(lockTypeMap.pnpm.path)) { - const json = yaml.load(fs.readFileSync(lockTypeMap.pnpm.path, 'utf-8')); + const json = yaml.load(fs.readFileSync(lockTypeMap.pnpm.path, 'utf-8'), { schema }); infos = Object.keys(json.packages) .map(moduleAndversion => { if (moduleAndversion.startsWith('file:')) { diff --git a/tools/scripts-config-cdn/package.json b/tools/scripts-config-cdn/package.json index 8935780260c..5c3b1218d01 100644 --- a/tools/scripts-config-cdn/package.json +++ b/tools/scripts-config-cdn/package.json @@ -13,7 +13,8 @@ "@talend/dynamic-cdn-webpack-plugin": "^13.1.0", "@talend/module-to-cdn": "^9.10.0", "@yarnpkg/lockfile": "^1.1.0", - "js-yaml": "^3.14.1", + "js-yaml": "^4.1.0", + "js-yaml-js-types": "^1.0.1", "read-pkg-up": "^7.0.1" }, "devDependencies": { diff --git a/yarn.lock b/yarn.lock index b99d2c052d5..df108fc3b23 100644 --- a/yarn.lock +++ b/yarn.lock @@ -12294,7 +12294,14 @@ js-levenshtein@^1.1.6: resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499" integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ== -js-yaml@3.14.1, js-yaml@^3.13.0, js-yaml@^3.13.1, js-yaml@^3.14.1, js-yaml@^3.6.1: +js-yaml-js-types@^1.0.1: + version "1.0.1" + resolved "https://registry.yarnpkg.com/js-yaml-js-types/-/js-yaml-js-types-1.0.1.tgz#fa57135b99d67b3612718426af2d9b314e5c6808" + integrity sha512-5tpfyORs8OQ43alNERbWfYRCtWgykvzYgY46fUhrQi2+kS7N0NuuFYLZ/IrfmVm5muLTndeMublgraXiFRjEPw== + dependencies: + esprima "^4.0.1" + +js-yaml@3.14.1, js-yaml@^3.13.0, js-yaml@^3.13.1, js-yaml@^3.6.1: version "3.14.1" resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537" integrity sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==