From ab42e4fda8dbe1cf36a50895e8ecd6852b6e2990 Mon Sep 17 00:00:00 2001 From: Tom Moor Date: Sun, 10 May 2026 09:32:30 -0400 Subject: [PATCH] chore(deps): Remove js-yaml resolution that no longer prevents downgrades (#12309) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The "js-yaml": "^4.1.1" resolution is now a no-op — every package that requests js-yaml in the dep graph already asks for ^4.1.0 or ^4.1.1, both of which naturally resolve to 4.1.1. Removing the resolution does not change any installed version. Audited the remaining resolutions; all still prevent a lower version from being installed (or are intentional dedupe pins for @types/* and prosemirror-transform per #12304, plus the i18next-parser compatibility pin from #12307). Co-authored-by: Claude --- package.json | 1 - yarn.lock | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/package.json b/package.json index 0df5c9b41a..5068dc90f5 100644 --- a/package.json +++ b/package.json @@ -381,7 +381,6 @@ "@types/koa": "2.15.0", "prosemirror-transform": "1.10.5", "debug": "4.3.4", - "js-yaml": "^4.1.1", "prismjs": "1.30.0", "zod": "^4.3.6", "ajv@npm:~8.13.0": "^8.18.0", diff --git a/yarn.lock b/yarn.lock index f874f22242..effd7296db 100644 --- a/yarn.lock +++ b/yarn.lock @@ -13665,7 +13665,7 @@ __metadata: languageName: node linkType: hard -"js-yaml@npm:^4.1.1": +"js-yaml@npm:^4.1.0, js-yaml@npm:^4.1.1": version: 4.1.1 resolution: "js-yaml@npm:4.1.1" dependencies: