Skip to content

build(deps): bump yamlpath from 3.8.2 to 3.9.0 in /yaml#334

Merged
thomasleplus merged 2 commits intomainfrom
dependabot/pip/yaml/yamlpath-3.9.0
Apr 20, 2026
Merged

build(deps): bump yamlpath from 3.8.2 to 3.9.0 in /yaml#334
thomasleplus merged 2 commits intomainfrom
dependabot/pip/yaml/yamlpath-3.9.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 20, 2026

Bumps yamlpath from 3.8.2 to 3.9.0.

Release notes

Sourced from yamlpath's releases.

3.9.0

Enhancements:

  • Python 3.12, 3.13, and 3.14 are now formally tested and supported. For developers hacking on this project who also use EYAML, Ruby 3.3 is now the minimum supported version due to end-of-life status of other Ruby versions.
  • Per-Python-version and per-Ruby-version pinned test-tool requirement files have been added under requirements/test-tools/ to ensure reproducible test runs on every supported Python and Ruby (for EYAML users) version.
  • This version supports only ruamel.yaml version 0.19.1. This is a major change from pervious releases which supported a wide range of ruamel.yaml versions. This change was necessary due to signficant API changes in ruamel.yaml 0.19, which broke backward compatibility with 0.18 and earlier versions.
  • The yaml-paths command now supports a new --line option, enabling lookup of YAML Path(s) by 1-based source line number in parsed YAML documents. This was by request from https://github.com/fr3nd via wwkimball/yamlpath#143.
  • Markdown documents with standards-compliant frontmatter headers are now supported by all command-line tools by request from https://github.com/greggh via wwkimball/yamlpath#235. YAML (---) and JSON (;;;) frontmatter metadata blocks are supported. Other formats such as TOML (+++) are rejected. Parsing errors are reported with meaningful standards- violation messages, Markdown files (not STDIN) are auto-detected by commonly known Markdown file extensions, and STDIN (piped) Markdown content can be indicated via the new --frontmatter option.
  • A new class, yamlpath.common.MergeRefs, has been added as a static helper library for YAML Merge Key (<<:) operations. It provides iter_nodes(), replace_node(), and remove_node() methods to iterate, update, and delete merge reference nodes in a ruamel.yaml CommentedMap-like node.
  • A new structural type Protocol, yamlpath.types.ParsersLogger, has been added. It defines the minimal logging interface (debug() and error()) required by Parsers.get_yaml_data() and related helper methods. This allows consumers to supply any logger-compatible object to those methods without needing to subclass ConsolePrinter. This is an experimental -- but fully operational -- change and may be expanded, removed, or modified in a future release.
  • Two new static methods have been added to the Nodes class to provide a stable, version-neutral interface for reading and writing YAML node tags: Nodes.get_tag(node) and Nodes.set_tag(node, value_tag).
  • Pyright is now included in the test suite to enforce strict static type checking across the codebase at each build.
  • Build artifacts are now produced using python -m build (PEP 517), replacing the legacy python setup.py sdist bdist_wheel invocation. A minimal pyproject.toml declaring the setuptools build backend has been added.
  • The source distribution (sdist / .tar.gz) now includes the test suite, test runner scripts (run-tests.sh and run-tests.ps1), and per-version test-tool requirement files so that consumers can run tests from the sdist.
  • The Merger now preserves the original insertion order of keys in a CommentedMap when merging with YAML Merge Keys (<<:), preventing keys from being silently reordered after a merge operation; this counters a breaking change in ruamel.yaml 0.19.

... (truncated)

Changelog

Sourced from yamlpath's changelog.

3.9.0 Enhancements:

  • Python 3.12, 3.13, and 3.14 are now formally tested and supported. For developers hacking on this project who also use EYAML, Ruby 3.3 is now the minimum supported version due to end-of-life status of other Ruby versions.
  • Per-Python-version and per-Ruby-version pinned test-tool requirement files have been added under requirements/test-tools/ to ensure reproducible test runs on every supported Python and Ruby (for EYAML users) version.
  • This version supports only ruamel.yaml version 0.19.1. This is a major change from pervious releases which supported a wide range of ruamel.yaml versions. This change was necessary due to signficant API changes in ruamel.yaml 0.19, which broke backward compatibility with 0.18 and earlier versions.
  • The yaml-paths command now supports a new --line option, enabling lookup of YAML Path(s) by 1-based source line number in parsed YAML documents. This was by request from https://github.com/fr3nd via wwkimball/yamlpath#143.
  • Markdown documents with standards-compliant frontmatter headers are now supported by all command-line tools by request from https://github.com/greggh via wwkimball/yamlpath#235. YAML (---) and JSON (;;;) frontmatter metadata blocks are supported. Other formats such as TOML (+++) are rejected. Parsing errors are reported with meaningful standards- violation messages, Markdown files (not STDIN) are auto-detected by commonly known Markdown file extensions, and STDIN (piped) Markdown content can be indicated via the new --frontmatter option.
  • A new class, yamlpath.common.MergeRefs, has been added as a static helper library for YAML Merge Key (<<:) operations. It provides iter_nodes(), replace_node(), and remove_node() methods to iterate, update, and delete merge reference nodes in a ruamel.yaml CommentedMap-like node.
  • A new structural type Protocol, yamlpath.types.ParsersLogger, has been added. It defines the minimal logging interface (debug() and error()) required by Parsers.get_yaml_data() and related helper methods. This allows consumers to supply any logger-compatible object to those methods without needing to subclass ConsolePrinter. This is an experimental -- but fully operational -- change and may be expanded, removed, or modified in a future release.
  • Two new static methods have been added to the Nodes class to provide a stable, version-neutral interface for reading and writing YAML node tags: Nodes.get_tag(node) and Nodes.set_tag(node, value_tag).
  • Pyright is now included in the test suite to enforce strict static type checking across the codebase at each build.
  • Build artifacts are now produced using python -m build (PEP 517), replacing the legacy python setup.py sdist bdist_wheel invocation. A minimal pyproject.toml declaring the setuptools build backend has been added.
  • The source distribution (sdist / .tar.gz) now includes the test suite, test runner scripts (run-tests.sh and run-tests.ps1), and per-version test-tool requirement files so that consumers can run tests from the sdist.
  • The Merger now preserves the original insertion order of keys in a CommentedMap when merging with YAML Merge Keys (<<:), preventing keys from being silently reordered after a merge operation; this counters a breaking change in ruamel.yaml 0.19.

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump yamlpath from 3.8.2 to 3.9.0 in /yaml
37922d6 
Bumps [yamlpath](https://github.com/wwkimball/yamlpath) from 3.8.2 to 3.9.0.
- [Release notes](https://github.com/wwkimball/yamlpath/releases)
- [Changelog](https://github.com/wwkimball/yamlpath/blob/master/CHANGES)
- [Commits](wwkimball/yamlpath@v3.8.2...v3.9.0)

---
updated-dependencies:
- dependency-name: yamlpath
  dependency-version: 3.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Apr 20, 2026
@github-actions github-actions bot added the build [Conventional Commits] Changes that affect the build system or external dependencies label Apr 20, 2026
@github-actions github-actions bot enabled auto-merge (squash) April 20, 2026 01:10
@thomasleplus thomasleplus disabled auto-merge April 20, 2026 23:50
@thomasleplus thomasleplus merged commit 40790e4 into main Apr 20, 2026
14 checks passed
@thomasleplus thomasleplus deleted the dependabot/pip/yaml/yamlpath-3.9.0 branch April 20, 2026 23:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

build [Conventional Commits] Changes that affect the build system or external dependencies dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@thomasleplus