Skip to content

chore: add js-yaml version override to fix dependabot #1026

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
VasilyStrelyaev merged 5 commits into from
Dec 23, 2025
Merged

chore: add js-yaml version override to fix dependabot #1026

VasilyStrelyaev merged 5 commits into from
Dec 23, 2025

Conversation

@VasilyStrelyaev
Copy link
Contributor

@VasilyStrelyaev VasilyStrelyaev commented Dec 23, 2025

No description provided.

Copilot AI review requested due to automatic review settings December 23, 2025 11:14
@VasilyStrelyaev VasilyStrelyaev self-assigned this Dec 23, 2025
Copilot AI reviewed Dec 23, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR upgrades Lerna from v5.6.2 to v9.0.3 to address Dependabot issues. The changes modernize the monorepo configuration to align with Lerna v9's best practices.

Key changes:

  • Upgrades Lerna from v5.6.2 to v9.0.3 (major version bump)
  • Removes the deprecated postinstall: lerna bootstrap script and adds native npm workspaces configuration
  • Deletes the package-lock.json file from the devextreme-schematics package (likely to be regenerated)

Reviewed changes

Copilot reviewed 2 out of 5 changed files in this pull request and generated no comments.

File Description
package.json Bumps lerna to v9.0.3, removes deprecated postinstall script, adds workspaces configuration
lerna.json Adds $schema reference for IDE support and validation
packages/devextreme-schematics/package-lock.json Removes package-lock.json (will be regenerated with updated dependencies)
Files not reviewed (1)
  • packages/devextreme-schematics/package-lock.json: Language not supported

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@VasilyStrelyaev VasilyStrelyaev changed the title chore: bump lerna to fix dependabot chore: add js-yaml version override to fix dependabot Dec 23, 2025
@VasilyStrelyaev VasilyStrelyaev merged commit 77d768e into DevExpress:master Dec 23, 2025
23 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@GoodDayForSurf GoodDayForSurf GoodDayForSurf approved these changes

@ajivanyandev ajivanyandev ajivanyandev approved these changes

Assignees

@VasilyStrelyaev VasilyStrelyaev

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@VasilyStrelyaev @GoodDayForSurf @ajivanyandev