chore(deps-dev): bump js-yaml from 4.2.0 to 5.2.1#1047
Conversation
js-yaml 5.x dropped its default export (it only ships named ESM
exports now: load, dump, etc. — no `export default`). This broke
every file using `import yaml from "js-yaml"` with
"The requested module 'js-yaml' does not provide an export named
'default'".
Fixes all 15 affected files by switching to a namespace import
(`import * as yaml from "js-yaml"`), which resolves the same way in
both v4 and v5 since `load`/`dump` were always named exports. CJS
`require("js-yaml")` call sites are unaffected — js-yaml's CJS build
still exports plain `exports.load = ...` properties, so there's no
default-export dependency there.
Verified: npm ci, npm run lint:js (0 errors), npm run test:js
(668/668 passing, including the check-template-labels.js suite that
was the original blocker for this bump).
|
Warning Review limit reached
Next review available in: 25 minutes Enable usage-based reviews in Billing to review now. Otherwise, wait until the next included review is available. How can I continue?After more reviews become available, a review can be triggered using the To avoid repeated limits, reduce automatic review volume by pausing incremental auto-reviews earlier, using label-based review opt-in, excluding WIP or generated PR titles, or requesting reviews manually when the PR is ready. If your team needs uninterrupted high-volume reviews, an organization admin can enable usage-based reviews. How do review limits work?CodeRabbit enforces per-developer PR review limits for each organization. Most developers receive the normal plan review availability. For paid Pro and Pro+ PR reviews, CodeRabbit uses adaptive limits for sustained high-volume activity. When a developer's recent PR review activity reaches the 95th percentile or higher among CodeRabbit users, additional reviews become available more gradually as earlier reviews age out of the rolling window. Please refer docs for additional details. Review details⚙️ Run configurationConfiguration used: Repository YAML (base), Organization UI (inherited) Review profile: CHILL Plan: Pro Run ID: ⛔ Files ignored due to path filters (1)
📒 Files selected for processing (17)
✨ Finishing Touches🧪 Generate unit tests (beta)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
|
✅ Template check passed after update. Thanks for fixing the PR description. |
There was a problem hiding this comment.
Code Review
This pull request upgrades the js-yaml dependency from version ^4.2.0 to ^5.2.1 in package.json and package-lock.json. To accommodate this upgrade, the import statements for js-yaml have been updated from default imports to namespace imports (import * as yaml from "js-yaml") across various scripts and GitHub Action utilities. There are no review comments, and I have no additional feedback to provide.
Important
The consumer version of Gemini Code Assist on GitHub is being sunset. Starting June 18, 2026, new organization installations will be blocked, and all code review activity will officially cease on July 17, 2026.
For more details on the timeline and next steps, please review the Help Documentation.
🔍 Reviewer Summary for PR #1047CI Status: ✅ Recommendations
|
Metadata governance
|
Chore Pull Request
Linked issues
Relates to #1036 (superseded — closed; this is a clean re-creation from current
developwith the code fix applied).Summary
Bumps
js-yamlfrom 4.2.0 to 5.2.1 (major version). js-yaml 5.x dropped its default export — it only ships named ESM exports now (load,dump, etc.). This broke every file usingimport yaml from "js-yaml"withThe requested module 'js-yaml' does not provide an export named 'default'.Changes
package.json/package-lock.json:js-yaml4.2.0 → 5.2.1.import * as yaml from "js-yaml"/import * as YAML from "js-yaml"), which resolves the same way in both v4 and v5 sinceload/dumpwere always named exports. All 15 files only ever call.load(...).require("js-yaml")— js-yaml's CJS build still exports plainexports.load = ...properties, so CommonJSrequirewas never affected by the default-export removal.Impact / Compatibility
.load()behaves identically; only the import syntax changed.Verification
Risk & Rollback
Changelog
Fixed
js-yaml5.x compatibility — 15 files usingimport yaml from "js-yaml"broke on the removed default export; switched to namespace imports.Changed
js-yaml4.2.0 → 5.2.1.Checklist (Global DoD / PR)
🤖 Generated with Claude Code