Skip to content

Bump js-yaml from 4.1.0 to 4.1.1 in /Software/web-server #36

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 83 commits into
base: main
Choose a base branch
from
Open

Bump js-yaml from 4.1.0 to 4.1.1 in /Software/web-server #36

dependabot wants to merge 83 commits into from

Conversation

@dependabot
Copy link

@dependabot dependabot bot commented on behalf of github Nov 16, 2025

Bumps js-yaml from 4.1.0 to 4.1.1.

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

  • Fix prototype pollution issue in yaml merge (<<) operator.
Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

connorgallopo and others added 30 commits August 26, 2025 17:57
@connorgallopo
Create robust packaging system
728155d
@connorgallopo
Fix test image pathing
9a821ff
@connorgallopo
JAVA and potential activemq fix
a790fbb
@connorgallopo
fix vars that were NOT being respected and innomaker bad value
fc5423f
@connorgallopo
fix expectations around camera configs for testing
5894c51
@connorgallopo
add verbose logging so you can actually see what test is doing
c4c99e9
@connorgallopo
Fix build issue in docker
9e44da6
@connorgallopo
give lens fallback to fix test issue
ddbbc0b
@connorgallopo
local build support
af46af3
@connorgallopo
fix lgpio
4ee0d0a
@connorgallopo
incremental build test
e24454a
@connorgallopo
more build tuning
9a2735b
@connorgallopo
both pi use same boot config now. Fix
5727bf9
@connorgallopo
DRY refactoring
6bdbe5d
@connorgallopo
Bashly refactor
855f7e4
@connorgallopo
WIP
062b63b
@connorgallopo
code removal
5414a93
@connorgallopo
fix missing vars
b88c1f6
@connorgallopo
auto generate bashly
d09c30d
@connorgallopo
dont rely on packaging path
b96cb7f
@connorgallopo
Update to include new YAML base d CLI Configuration tooling with back…
44fc02b 
…wards compatibilty.
@connorgallopo
Fix backwards compatibility + Overwriting
3ea69e6
@connorgallopo
Add docs for new CLI and build system
5587e88
@connorgallopo
Update release build script
35cc75a
@connorgallopo
comment out my personal docker options
5a2329c
@jamespilgrim
Merge pull request PiTracLM#117 from connorgallopo/bugfix/script-enha…
7fc0347 
…ncements
@connorgallopo
fix permissions and update env var
548d610
@connorgallopo
Update CODEOWNERS syntax
72d0e94
@connorgallopo
Make sure that CODEOWNERS is protected
c94ec60
@connorgallopo
Add new issue form templates, and additional detail + naming fix to P…
01c3559 
…R template
jamespilgrim and others added 24 commits September 19, 2025 15:48
@jamespilgrim
Fixed a strobe-camera synchronization problem by ensuring that the pu…
76f1b22 
…lse-strobing constants are consistently set in both camera 1 and camera 2 processes.
@jamespilgrim
Fixed a few compiler warnings. Although the code is deprecated, so ma…
4538fb1 
…ybe just get rid of it soon.
@connorgallopo
ONLY use absolute path (PiTracLM#142)
c312d14
@connorgallopo
Add auto config to build script. (PiTracLM#143)
fad3980
@connorgallopo
Use YOLO as default + Housekeeping (PiTracLM#144)
a130ba5 
* default to yolo and use etc for consistent resolution

* dont add values twice
@jamespilgrim
Adding a warning-level log message if the state machine gets into a b…
b6e9759 
…ad state.
@connorgallopo @jamespilgrim
Release latest model, remove old models and old ml code
216c8db
@connorgallopo @jamespilgrim
Final Model Swap
4966149
@jamespilgrim
Bumped stomp version requirement to 8.2.0 to fix a build.sh problem.
884387b
@jamespilgrim
Fixed problem with latest InnoMaker camera driver that requires the d…
b09cd4d 
…enoise option to be set to auto, not cdn_off.
@connorgallopo
Update all old links (PiTracLM#146)
64d02c8
@connorgallopo
Rename Connector Board Folders (PiTracLM#149)
039a3db 
* Rename Connector Board Folders

* Add file from Mark
@connorgallopo
Update DEB installs with optimized versions and fix calibration (PiTr…
3fd2051 
…acLM#148)

- Use DEB packages instead of Tar
- Quiet down logging
- Various Bugfixes
- Rework UI based calibration
@connorgallopo
add screenshots for new UI to be used in docs (PiTracLM#150)
3fd04df
@connorgallopo
Rewrite Docs (PiTracLM#151)
3bc99f8 
* WIP

* Rename Connector Board Folders (PiTracLM#149)

* Rename Connector Board Folders

* Add file from Mark

* Update DEB installs with optimized versions and fix calibration (PiTracLM#148)

- Use DEB packages instead of Tar
- Quiet down logging
- Various Bugfixes
- Rework UI based calibration

* add screenshots for new UI to be used in docs (PiTracLM#150)

* Software Updates

* Camera + Calibration Docs

* Hardware Docs + update readme

* errata update

* HW docs changes from Mark

* Quickstart + updates around OS version support

* Final Mark Changes
@connorgallopo
change to active cooler on parts list (PiTracLM#152)
6c6a5c1
@jamespilgrim
Widened the threaded-insert diameter value for the Pi mounting risers…
f8cc3b6 
… to better fit the inserts.
@jamespilgrim
Update assembly notes with insert and screw specifications
d4d4c22 
Added specific insert and screw details for assembly.

Signed-off-by: James Pilgrim <121443783+jamespilgrim@users.noreply.github.com>
@jamespilgrim
Revise parts list for Version 2 enclosure hardware
97eb9df 
Updated hardware parts list to reflect Version 2 enclosure changes and deprecated Version 1 hardware.

Signed-off-by: James Pilgrim <121443783+jamespilgrim@users.noreply.github.com>
@jamespilgrim
Modified basebox to accept new, smaller, Meanwell LRS-75 power supply.
f0be611
@connorgallopo
Trixie Support (PiTracLM#158)
5947eb1 
* first pass for trixie

* repo location fixes

* Fix meson force rebuild and remove GPG key prompt

- Force rebuild now properly reconfigures meson
- Removed GPG key overwrite prompt by deleting existing file first
- Updated package dependencies for Trixie version compatibility

* Fix force rebuild to accept 'force' value not just 'true'

The FORCE_REBUILD variable was being set to 'force' (the string)
but all checks were looking for 'true', so force rebuilds never worked.

Changes:
- Accept both 'true' and 'force' in all FORCE_REBUILD checks
- Removed dead code that was checking build_dev's unused  parameter
- Fixed in build_deps() and build_dev() functions

* bump pillow

* bump pillow - major

* bump py msgpack

* bump the rest of py deps

* change install flags for deps

* First pass docs update

* SEO improvements

* Better layout to be as intuitive as possible
@connorgallopo
bump msgpack to 7 (PiTracLM#159)
15ca26e
@connorgallopo
only use apt repo packages, do not look at local artifacts anymore (P…
80f60b3 
…iTracLM#160)
@dependabot
Bump js-yaml from 4.1.0 to 4.1.1 in /Software/web-server
22252bb 
Bumps [js-yaml](https://github.com/nodeca/js-yaml) from 4.1.0 to 4.1.1.
- [Changelog](https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md)
- [Commits](nodeca/js-yaml@4.1.0...4.1.1)

---
updated-dependencies:
- dependency-name: js-yaml
  dependency-version: 4.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Nov 16, 2025
@jeshernandez jeshernandez self-requested a review as a code owner November 18, 2025 07:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jeshernandez jeshernandez Awaiting requested review from jeshernandez jeshernandez is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@connorgallopo @jamespilgrim