Skip to content

Bump yargs-parser and yargs#159

Merged
jens-maus merged 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-ccdb5b6f98
Apr 4, 2026
Merged

Bump yargs-parser and yargs#159
jens-maus merged 1 commit intomasterfrom
dependabot/npm_and_yarn/multi-ccdb5b6f98

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 4, 2026

Bumps yargs-parser and yargs. These dependencies needed to be updated together.
Updates yargs-parser from 5.0.0-security.0 to 22.0.0

Release notes

Sourced from yargs-parser's releases.

yargs-parser: v22.0.0

22.0.0 (2025-05-26)

⚠ BREAKING CHANGES

  • yargs is now ESM first (#503)

Features

yargs-parser: v21.1.1

21.1.1 (2022-08-04)

Bug Fixes

  • typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

yargs-parser: v21.1.0

21.1.0 (2022-08-03)

Features

  • allow the browser build to be imported (#443) (a89259f)

Bug Fixes

  • halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
  • node version check now uses process.versions.node (#450) (d07bcdb)
  • parse options ending with 3+ hyphens (#434) (4f1060b)

yargs-parser: v21.0.1

21.0.1 (2022-02-27)

Bug Fixes

yargs-parser yargs-parser-v21.0.0

⚠ BREAKING CHANGES

  • drops support for 10 (#421)

... (truncated)

Changelog

Sourced from yargs-parser's changelog.

22.0.0 (2025-05-26)

⚠ BREAKING CHANGES

  • yargs is now ESM first (#503)

Features

21.1.1 (2022-08-04)

Bug Fixes

  • typescript: ignore .cts files during publish (#454) (d69f9c3), closes #452

21.1.0 (2022-08-03)

Features

  • allow the browser build to be imported (#443) (a89259f)

Bug Fixes

  • halt-at-non-option: prevent known args from being parsed when "unknown-options-as-args" is enabled (#438) (c474bc1)
  • node version check now uses process.versions.node (#450) (d07bcdb)
  • parse options ending with 3+ hyphens (#434) (4f1060b)

21.0.1 (2022-02-27)

Bug Fixes

21.0.0 (2021-11-15)

⚠ BREAKING CHANGES

  • drops support for 10 (#421)

Bug Fixes

... (truncated)

Commits
Install script changes

This version adds prepare script that runs during installation. Review the package contents before updating.


Updates yargs from 7.1.1 to 7.1.2

Release notes

Sourced from yargs's releases.

yargs yargs-v7.1.2

Bug Fixes

Changelog

Sourced from yargs's changelog.

7.1.2 (2021-04-25)

Bug Fixes

7.0.2 (2017-03-10)

Bug Fixes

  • populating placeholder arguments broke validation (b3eb2fe)

7.0.1 (2017-03-03)

Bug Fixes

  • --help with default command should print top-level help (#810) (9c03fa4)

7.0.0 (2017-02-26)

Bug Fixes

  • address min/max validation message regression (#750) (2e5ce0f)
  • address positional argument strict() bug introduced in #766 (#784) (a8528e6)
  • console.warn() rather than throwing errors when api signatures are incorrect (#804) (a607061)
  • context should override parsed argv (#786) (0997288)
  • context variables are now recognized in strict() mode (#796) (48575cd)
  • errors were not bubbling appropriately from sub-commands to top-level (#802) (8a992f5)
  • positional arguments of sub-commands threw strict() exception (#805) (f3f074b)
  • pull in yargs-parser with modified env precedence (#787) (e0fbbe5)
  • running parse() multiple times on the same yargs instance caused exception if help() enabled (#790) (07e39b7)
  • use path.resolve() to support node 0.10 (#797) (49a93fc)

Features

  • add conflicts and implies shorthands. (#753) (bd1472b)
  • add traditional Chinese translation (#780) (6ab6a95)
  • allow provided config object to extend other configs (#779) (3280dd0)
  • function argument validation (#773) (22ed9bb)

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump yargs-parser and yargs
8878e5d 
Bumps [yargs-parser](https://github.com/yargs/yargs-parser) and [yargs](https://github.com/yargs/yargs). These dependencies needed to be updated together.

Updates `yargs-parser` from 5.0.0-security.0 to 22.0.0
- [Release notes](https://github.com/yargs/yargs-parser/releases)
- [Changelog](https://github.com/yargs/yargs-parser/blob/main/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs-parser/commits/yargs-parser-v22.0.0)

Updates `yargs` from 7.1.1 to 7.1.2
- [Release notes](https://github.com/yargs/yargs/releases)
- [Changelog](https://github.com/yargs/yargs/blob/yargs-v7.1.2/CHANGELOG.md)
- [Commits](https://github.com/yargs/yargs/commits/yargs-v7.1.2)

---
updated-dependencies:
- dependency-name: yargs-parser
  dependency-version: 22.0.0
  dependency-type: indirect
- dependency-name: yargs
  dependency-version: 7.1.2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Apr 4, 2026
@jens-maus jens-maus merged commit 2ae292d into master Apr 4, 2026
10 checks passed
@dependabot dependabot bot deleted the dependabot/npm_and_yarn/multi-ccdb5b6f98 branch April 4, 2026 17:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jens-maus