From c734ccffd09c7e5a46b7a4910e1e0c8219c51d57 Mon Sep 17 00:00:00 2001
From: Nicolas Montavon <143720818+vyconm@users.noreply.github.com>
Date: Mon, 17 Nov 2025 18:32:01 +0100
Subject: [PATCH] fix(deps): update js-yaml to mitigate moderate CVE-2025-64718
 and pass audits

---
 package.json |  2 +-
 yarn.lock    | 13 ++++++++++++-
 2 files changed, 13 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 30436121..e10a7e78 100644
--- a/package.json
+++ b/package.json
@@ -82,7 +82,7 @@
   "dependencies": {
     "@jsdevtools/ono": "^7.1.3",
     "@types/json-schema": "^7.0.15",
-    "js-yaml": "^4.1.0",
+    "js-yaml": "^4.1.1",
     "lodash": "^4.17.21"
   },
   "release": {
diff --git a/yarn.lock b/yarn.lock
index a1b044c5..062f3adb 100644
--- a/yarn.lock
+++ b/yarn.lock
@@ -332,7 +332,7 @@ __metadata:
     eslint-plugin-promise: "npm:^7.2.1"
     eslint-plugin-unused-imports: "npm:^4.1.4"
     globals: "npm:^15.13.0"
-    js-yaml: "npm:^4.1.0"
+    js-yaml: "npm:^4.1.1"
     jsdom: "npm:^25.0.1"
     lodash: "npm:^4.17.21"
     prettier: "npm:^3.4.2"
@@ -2721,6 +2721,17 @@ __metadata:
   languageName: node
   linkType: hard
 
+"js-yaml@npm:^4.1.1":
+  version: 4.1.1
+  resolution: "js-yaml@npm:4.1.1"
+  dependencies:
+    argparse: "npm:^2.0.1"
+  bin:
+    js-yaml: bin/js-yaml.js
+  checksum: 10c0/561c7d7088c40a9bb53cc75becbfb1df6ae49b34b5e6e5a81744b14ae8667ec564ad2527709d1a6e7d5e5fa6d483aa0f373a50ad98d42fde368ec4a190d4fae7
+  languageName: node
+  linkType: hard
+
 "jsbn@npm:1.1.0":
   version: 1.1.0
   resolution: "jsbn@npm:1.1.0"