Skip to content

build(deps): bump mikefarah/yq from 4.52.5 to 4.53.2#2611

Merged
google-oss-prow[bot] merged 1 commit intomainfrom
dependabot/github_actions/mikefarah/yq-4.53.2
Apr 21, 2026
Merged

build(deps): bump mikefarah/yq from 4.52.5 to 4.53.2#2611
google-oss-prow[bot] merged 1 commit intomainfrom
dependabot/github_actions/mikefarah/yq-4.53.2

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 20, 2026

Bumps mikefarah/yq from 4.52.5 to 4.53.2.

Release notes

Sourced from mikefarah/yq's releases.

v4.53.2

  • Releases and tags now signed and immutable!
  • Add system(command; args) operator (disabled by default) (#2640)
  • TOML encoder: prefer readable table sections over inline tables (#2649)
  • Fix TOML encoder to quote keys containing special characters (#2648)
  • Add string slicing support (#2639)
  • Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
  • Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
  • Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
  • Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
  • Bumped dependencies
Changelog

Sourced from mikefarah/yq's changelog.

4.53.2:

  • Fixing release process

4.53.1:

  • Releases and tags now signed and immutable!
  • Add system(command; args) operator (disabled by default) (#2640)
  • TOML encoder: prefer readable table sections over inline tables (#2649)
  • Fix TOML encoder to quote keys containing special characters (#2648)
  • Add string slicing support (#2639)
  • Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
  • Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
  • Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
  • Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
  • Bumped dependencies

4.52.5:

4.52.4:

  • Dropping windows/arm - no longer supported in cross-compile

4.52.3:

  • Fixing comments in TOML arrays (#2592)
  • Bumped dependencies

4.52.2:

  • Fixed bad instructions file breaking go-install (#2587) Thanks @​theyoprst
  • Fixed TOML table scope after comments (#2588) Thanks @​tomers
  • Multiply uses a readonly context (#2558)
  • Fixed merge globbing wildcards in keys (#2564)
  • Fixing TOML subarray parsing issue (#2581)

4.52.1:

  • TOML encoder support - you can now roundtrip! #1364

  • Parent now supports negative indices, and added a 'root' command for referencing the top level document

  • Fixed scalar encoding for HCL

  • Add --yaml-compact-seq-indent / -c flag for compact sequence indentation (#2583) Thanks @​jfenal

  • Add symlink check to file rename util (#2576) Thanks @​Elias-elastisys

  • Powershell fixed default command used for __completeNoDesc alias (#2568) Thanks @​teejaded

  • Unwrap scalars in shell output mode. (#2548) Thanks @​flintwinters

  • Added K8S KYAML output format support (#2560) Thanks @​robbat2

  • Bumped dependencies

  • Special shout out to @​ccoVeille for reviewing my PRs!

... (truncated)

Commits
  • 751d8ad Bumping version
  • 6dd681a Fixing release signing
  • fc7c337 Updating bump version script
  • e969dd7 Bumping version
  • dc4b4ea Preparing release notes
  • 602586d Create scorecard.yml
  • 9a0335a fix: restrict GitHub Actions workflow token permissions (OSSF least-privilege...
  • 838c516 Trying to test release
  • c8f6c1a Updating release to sign checksums
  • 0e80383 chore: pin GitHub Actions and Docker base images to full-length hashes (OSSF ...
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump mikefarah/yq from 4.52.5 to 4.53.2
49c297c 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.52.5 to 4.53.2.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@0f4fb8d...751d8ad)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-version: 4.53.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 20, 2026
@google-oss-prow google-oss-prow Bot requested review from chambridge and fege April 20, 2026 14:42
@pboyd
Copy link
Copy Markdown
Member

pboyd commented Apr 20, 2026

/lgtm
/approve

@google-oss-prow google-oss-prow Bot added the lgtm label Apr 20, 2026
@google-oss-prow
Copy link
Copy Markdown
Contributor

google-oss-prow Bot commented Apr 20, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: pboyd

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@google-oss-prow google-oss-prow Bot merged commit cb7de46 into main Apr 21, 2026
36 of 41 checks passed
@dependabot dependabot Bot deleted the dependabot/github_actions/mikefarah/yq-4.53.2 branch April 21, 2026 06:45
Taj010 pushed a commit to Taj010/model-registry that referenced this pull request Apr 21, 2026
@dependabot @Taj010
build(deps): bump mikefarah/yq from 4.52.5 to 4.53.2 (kubeflow#2611)
6bfb9c8 
Bumps [mikefarah/yq](https://github.com/mikefarah/yq) from 4.52.5 to 4.53.2.
- [Release notes](https://github.com/mikefarah/yq/releases)
- [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt)
- [Commits](mikefarah/yq@0f4fb8d...751d8ad)

---
updated-dependencies:
- dependency-name: mikefarah/yq
  dependency-version: 4.53.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@chambridge chambridge Awaiting requested review from chambridge

@fege fege Awaiting requested review from fege

Assignees

@pboyd pboyd

Labels

approved Area/GitHub dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code lgtm size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pboyd