[Snyk] Upgrade yaml from 2.1.3 to 2.4.2

[paaschdigital]

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade yaml from 2.1.3 to 2.4.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 17 versions ahead of your current version.

• The recommended version was released on a month ago.

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Uncaught Exception SNYK-JS-YAML-5458867	696	Proof of Concept

Release notes

Package name: yaml

• 2.4.2 - 2024-04-28
  
  • Restrict YAML 1.1 boolean strings to their explicit capitalization (#530)
  • Add sponsorship by Scipress (#536)
• 2.4.1 - 2024-03-06
  
  • cst: Do not drop trailing newline after line comment in block-map if followed by unindented block-seq value (#525)
  • Stringify flow collection comments in parent (#528)
  • Do not skip folding lines after the first in indented block scalars (#529)
• 2.4.0 - 2024-02-25
  
  • Add a command-line tool (#523)
  • Use the lineWidth option for line breaking in flow collections (#522)
• 2.3.4 - 2023-11-03
  
  • Do not throw for carriage return in tag shorthand (#501)
• 2.3.3 - 2023-10-14
  
  • Do not throw error on malformed URI escape in tag (#498)
• 2.3.2 - 2023-08-28
  
  • Fix docs typo (#489)
  • Do not require quotes for implicit keys with flow indicators (#494)
  • Update Prettier to v3 & update ESLint config
• 2.3.1 - 2023-05-26
  
  • Drop npm from package.json "engines" config (#476)
• 2.3.0 - 2023-05-23
  

  This release corresponds with the release of yaml-types v0.2.0, an expanding library of custom tags or types for use with yaml.

  This release contains no changes from v2.3.0-5, and the notes below include all changes from the v2.3.0-x prereleases.

  Custom Tag Improvements

  • Add export of createNode() & createPair() to 'yaml/util' (#457)
  • Add static from() methods to simplify tag development, and otherwise make extending custom collections easier (#467)

  TypeScript Improvements

  • Add a second optional generic type argument Strict to Document instances. (#441)
  • Add types exports for TypeScript (#463)
  • Export StringifyContext type from 'yaml/util' (#464)

  Other New Features

  • Add a toJS(doc, options?) method to nodes (#451, #458)
  • Set explicit tag during createNode() for non-default tags (#464)

  Bugfixes

  • Use correct argument order when stringifying flow collection comments (#443)
  • Improve first-line folding for block scalars (#422)
• 2.3.0-5 - 2023-05-06
  
  • Make extending custom collections easier (#467)
  • Fix corner case failure in error pretty-printer (CVE-2023-2251)
• 2.3.0-4 - 2023-04-18
• 2.3.0-3 - 2023-04-14
• 2.3.0-2 - 2023-04-14
• 2.3.0-1 - 2023-04-04
• 2.3.0-0 - 2023-03-11
• 2.2.2 - 2023-04-24
  

  This patch release includes a fix for an error that could be thrown in parseDocument for degenerate input. Otherwise, it's a patch release uplifting a few fixes from the ongoing v2.3 work to v2.2:

  • Corner case failure in error pretty-printer (CVE-2023-2251)
  • Use correct argument order when stringifying flow collection comments (#443)
  • First-line folding for block scalars (#422)
• 2.2.1 - 2022-12-30
• 2.2.0 - 2022-12-21
• 2.1.3 - 2022-10-05

from yaml GitHub release notes

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs