chore(deps): bump js-yaml from 3.14.0 to 4.0.0 (#2920)

* chore(deps): bump js-yaml from 3.14.0 to 4.0.0 Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 3.14.0 to 4.0.0. - [Release notes](https://github.com/nodeca/js-yaml/releases) - [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md) - [Commits](https://github.com/nodeca/js-yaml/compare/3.14.0...4.0.0) Signed-off-by: dependabot[bot] <support@github.com> * fix(src/node): replace yaml.safeLoad with load Also update @types/yaml to ^4.0.0. Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Akash Satheesan <akash@coder.com>
2021-03-18 16:30:10 -05:00 · 2021-03-18 16:30:10 -05:00 · a8e2ede4f5
parent 4c6cf8414c
commit a8e2ede4f5
3 changed files with 19 additions and 7 deletions
--- a/package.json
+++ b/package.json
@ -39,7 +39,7 @@
    "@types/cookie-parser": "^1.4.2",
    "@types/express": "^4.17.8",
    "@types/http-proxy": "^1.17.4",
-    "@types/js-yaml": "^3.12.3",
+    "@types/js-yaml": "^4.0.0",
    "@types/node": "^12.12.7",
    "@types/parcel-bundler": "^1.12.1",
    "@types/pem": "^1.9.5",
@ -84,7 +84,7 @@
    "express": "^5.0.0-alpha.8",
    "http-proxy": "^1.18.0",
    "httpolyglot": "^0.1.2",
-    "js-yaml": "^3.13.1",
+    "js-yaml": "^4.0.0",
    "limiter": "^1.1.5",
    "node-fetch": "^2.6.1",
    "pem": "^1.14.2",
--- a/src/node/cli.ts
+++ b/src/node/cli.ts
@ -536,7 +536,7 @@ export function parseConfigFile(configFile: string, configPath: string): ConfigA
    return { _: [], config: configPath }
  }

-  const config = yaml.safeLoad(configFile, {
+  const config = yaml.load(configFile, {
    filename: configPath,
  })
  if (!config || typeof config === "string") {
--- a/yarn.lock
+++ b/yarn.lock
@ -1135,10 +1135,10 @@
  dependencies:
    "@types/node" "*"

-"@types/js-yaml@^3.12.3":
-  version "3.12.5"
-  resolved "https://registry.yarnpkg.com/@types/js-yaml/-/js-yaml-3.12.5.tgz#136d5e6a57a931e1cce6f9d8126aa98a9c92a6bb"
-  integrity sha512-JCcp6J0GV66Y4ZMDAQCXot4xprYB+Zfd3meK9+INSJeVZwJmHAW30BBEEkPzXswMXuiyReUGOP3GxrADc9wPww==
+"@types/js-yaml@^4.0.0":
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/@types/js-yaml/-/js-yaml-4.0.0.tgz#d1a11688112091f2c711674df3a65ea2f47b5dfb"
+  integrity sha512-4vlpCM5KPCL5CfGmTbpjwVKbISRYhduEJvvUWsH5EB7QInhEj94XPZ3ts/9FPiLZFqYO0xoW4ZL8z2AabTGgJA==

 "@types/json-schema@^7.0.3":
  version "7.0.6"
@ -1491,6 +1491,11 @@ argparse@^1.0.7:
  dependencies:
    sprintf-js "~1.0.2"

+argparse@^2.0.1:
+  version "2.0.1"
+  resolved "https://registry.yarnpkg.com/argparse/-/argparse-2.0.1.tgz#246f50f3ca78a3240f6c997e8a9bd1eac49e4b38"
+  integrity sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q==
+
 arr-diff@^4.0.0:
  version "4.0.0"
  resolved "https://registry.yarnpkg.com/arr-diff/-/arr-diff-4.0.0.tgz#d6461074febfec71e7e15235761a329a5dc7c520"
@ -4479,6 +4484,13 @@ js-yaml@^3.10.0, js-yaml@^3.13.1:
    argparse "^1.0.7"
    esprima "^4.0.0"

+js-yaml@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.0.0.tgz#f426bc0ff4b4051926cd588c71113183409a121f"
+  integrity sha512-pqon0s+4ScYUvX30wxQi3PogGFAlUyH0awepWvwkj4jD4v+ova3RiYw8bmA6x2rDrEaj8i/oWKoRxpVNW+Re8Q==
+  dependencies:
+    argparse "^2.0.1"
+
 jsbn@~0.1.0:
  version "0.1.1"
  resolved "https://registry.yarnpkg.com/jsbn/-/jsbn-0.1.1.tgz#a5e654c2e5a2deb5f201d96cefbca80c0ef2f513"