Bump js-yaml and markdownlint-cli2 by dependabot[bot] · Pull Request #64

Bump js-yaml and markdownlint-cli2 by dependabot[bot] · Pull Request #64 · CDCgov/NEDSS-SystemAdminGuide

Bumps js-yaml to 4.1.1 and updates ancestor dependency markdownlint-cli2. These dependencies need to be updated together.

Updates js-yaml from 4.1.0 to 4.1.1

Changelog

Sourced from js-yaml's changelog.

[4.1.1] - 2025-11-12

Security

Fix prototype pollution issue in yaml merge (<<) operator.

Commits

cc482e7 4.1.1 released
50968b8 dist rebuild
d092d86 lint fix
383665f fix prototype pollution in merge (<<)
0d3ca7a README.md: HTTP => HTTPS (#678)
49baadd doc: 'empty' style option for !!null
ba3460e Fix demo link (#618)
See full diff in compare view

Updates markdownlint-cli2 from 0.17.2 to 0.22.0

Changelog

Sourced from markdownlint-cli2's changelog.

0.22.0

Make --config parameter more flexible

Support TOML with --config parameter

Add --configPointer parameter

Update dependencies

0.21.0

Refactor options/configuration file loading

Update dependencies

0.20.0

Update dependencies

0.19.1

Update --format to avoid trailing newline

Update dependencies

0.19.0

Add --format parameter for editor integration

Update output formatters for severity warning

Explicitly version Docker containers for pre-commit

Update dependencies (including markdownlint)

0.18.1

Update dependencies (including markdownlint)

0.18.0

Use user ID in Docker containers for security

Update dependencies (including markdownlint)

Remove support for end-of-life Node 18

Commits

3766ad8 Update to version 0.22.0.
18fab89 Bump eslint from 10.0.3 to 10.1.0
b7106cb Freshen list of external custom rules included with the markdownlint-cli2-rul...
cfaf497 Update README.md to show how to use the Docker container image with pre-commit.
0ae96d5 Remove test-only shims for import.meta limitations in Node 18.
6c8d949 Add support for TOML files to --config, --configPointer, and extends (fixes #...
02e491d Bump pnpm/action-setup from 4 to 5
4777cf9 Add --configPointer command-line parameter, supersedes dedicated handling of ...
7ecda61 Bump eslint-plugin-jsdoc from 62.7.1 to 62.8.0
69616e9 Bump eslint from 10.0.2 to 10.0.3
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.