Code Injection vulnerability in js-yaml dependency

[LeonAlvarez]

Hi currently package relies on a vulnerable version of js-yaml

dependency path: vue-loader > postcss-load-config > postcss-load-options > cosmiconfig > js-yaml
more info : https://npmjs.com/advisories/813
Can be fixed updating the vue-loader dependency wich is outdated.