Skip to content

Bump symfony/yaml from 5.3.6 to 5.4.52#8

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/composer/symfony/yaml-5.4.52
Open

Bump symfony/yaml from 5.3.6 to 5.4.52#8
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/composer/symfony/yaml-5.4.52

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 28, 2026

Bumps symfony/yaml from 5.3.6 to 5.4.52.

Release notes

Sourced from symfony/yaml's releases.

v5.4.52

Changelog (symfony/yaml@v5.4.44...v5.4.52)

v5.4.45

Changelog (symfony/yaml@v5.4.44...v5.4.45)

  • no significant changes

v5.4.44

Changelog (symfony/yaml@v5.4.43...v5.4.44)

v5.4.43

Changelog (symfony/yaml@v5.4.42...v5.4.43)

v5.4.40

Changelog (symfony/yaml@v5.4.39...v5.4.40)

  • no significant changes

v5.4.39

Changelog (symfony/yaml@v5.4.38...v5.4.39)

v5.4.35

Changelog (symfony/yaml@v5.4.34...v5.4.35)

  • no significant changes

v5.4.31

Changelog (symfony/yaml@v5.4.30...v5.4.31)

v5.4.30

Changelog (symfony/yaml@v5.4.29...v5.4.30)

  • no significant changes

v5.4.23

Changelog (symfony/yaml@v5.4.22...v5.4.23)

... (truncated)

Changelog

Sourced from symfony/yaml's changelog.

CHANGELOG

8.0

  • Remove support for parsing duplicate mapping keys whose value is null

7.3

  • Add compact nested mapping support by using the Yaml::DUMP_COMPACT_NESTED_MAPPING flag
  • Add the Yaml::DUMP_FORCE_DOUBLE_QUOTES_ON_VALUES flag to enforce double quotes around string values

7.2

  • Deprecate parsing duplicate mapping keys whose value is null
  • Add support for dumping null as an empty value by using the Yaml::DUMP_NULL_AS_EMPTY flag

7.1

  • Add support for getting all the enum cases with !php/enum Foo

7.0

  • Remove the !php/const: tag, use !php/const instead (without the colon)

6.3

  • Add support to dump int keys as strings by using the Yaml::DUMP_NUMERIC_KEY_AS_STRING flag

6.2

  • Add support for !php/enum and !php/enum *->value
  • Deprecate the !php/const: tag in key which will be replaced by the !php/const tag (without the colon) since 3.4

6.1

  • In cases where it will likely improve readability, strings containing single quotes will be double-quoted

5.4

  • Add a $maxNestingLevel argument to Parser::__construct(), Yaml::parse() and Yaml::parseFile() to bound recursion depth (default 128)

... (truncated)

Commits
  • b0b2705 [Yaml] Harden the Parser::cleanup() regexes against catastrophic backtracking
  • 5a351ff [Yaml] Bound collection-alias resolution in the parser
  • b02ba66 [Yaml] Bound recursion depth in the parser
  • a454d47 Add PR template and auto-close PR on subtree split repositories
  • 7025b96 parse empty sequence elements as null
  • 62f96e1 🐛 throw ParseException on invalid date
  • 81cad0c Revert "minor #54653 Auto-close PRs on subtree-splits (nicolas-grekas)"
  • bc780e1 call substr() with integer offsets
  • a38ba0b Auto-close PRs on subtree-splits
  • e78db7f Apply php-cs-fixer fix --rules nullable_type_declaration_for_default_null_value
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump symfony/yaml from 5.3.6 to 5.4.52
c296e9c 
Bumps [symfony/yaml](https://github.com/symfony/yaml) from 5.3.6 to 5.4.52.
- [Release notes](https://github.com/symfony/yaml/releases)
- [Changelog](https://github.com/symfony/yaml/blob/8.1/CHANGELOG.md)
- [Commits](symfony/yaml@v5.3.6...v5.4.52)

---
updated-dependencies:
- dependency-name: symfony/yaml
  dependency-version: 5.4.52
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file php Pull requests that update php code labels May 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file php Pull requests that update php code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants