From 536b75f2b80d436f7c8caec9d7a533d733aea2f8 Mon Sep 17 00:00:00 2001
From: Auke van Leeuwen <aukevanleeuwen@gmail.com>
Date: Wed, 26 Apr 2023 09:43:43 +0200
Subject: [PATCH] Update yaml to v2.2.2 to remedy CVE-2023-2251

More information:
* https://github.com/advisories/GHSA-f9xv-q969-pqx4
* https://nvd.nist.gov/vuln/detail/CVE-2023-2251

Fixes #2280
---
 package-lock.json | 8 ++++----
 package.json      | 2 +-
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package-lock.json b/package-lock.json
index a3f2a9f60..3e7c2e050 100644
--- a/package-lock.json
+++ b/package-lock.json
@@ -47,7 +47,7 @@
         "util-arity": "^1.1.0",
         "verror": "^1.10.0",
         "xmlbuilder": "^15.1.1",
-        "yaml": "2.2.1",
+        "yaml": "^2.2.2",
         "yup": "^0.32.11"
       },
       "bin": {
@@ -7909,9 +7909,9 @@
       "dev": true
     },
     "node_modules/yaml": {
-      "version": "2.2.1",
-      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.2.1.tgz",
-      "integrity": "sha512-e0WHiYql7+9wr4cWMx3TVQrNwejKaEe7/rHNmQmqRjazfOP5W8PB6Jpebb5o6fIapbz9o9+2ipcaTM2ZwDI6lw==",
+      "version": "2.2.2",
+      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.2.2.tgz",
+      "integrity": "sha512-CBKFWExMn46Foo4cldiChEzn7S7SRV+wqiluAb6xmueD/fGyRHIhX8m14vVGgeFWjN540nKCNVj6P21eQjgTuA==",
       "engines": {
         "node": ">= 14"
       }
diff --git a/package.json b/package.json
index 588d0a23c..e249f9704 100644
--- a/package.json
+++ b/package.json
@@ -244,7 +244,7 @@
     "util-arity": "^1.1.0",
     "verror": "^1.10.0",
     "xmlbuilder": "^15.1.1",
-    "yaml": "2.2.1",
+    "yaml": "^2.2.2",
     "yup": "^0.32.11"
   },
   "devDependencies": {