fix: website/package.json & website/yarn.lock to reduce vulnerabilities

snyk-bot · snyk-bot · commit 607a4b6fcbb7 · 2025-11-20T16:25:00.000Z
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-JSYAML-13961110
diff --git a/website/package.json b/website/package.json
@@ -17,7 +17,7 @@
     "@docusaurus/preset-classic": "^2.3.1",
     "@docusaurus/utils": "^2.3.1",
     "classnames": "^2.2.6",
-    "js-yaml": "^3.12.0",
+    "js-yaml": "^3.14.2",
     "lodash.merge": "^4.6.2",
     "lodash.template": "^4.5.0",
     "prism-react-renderer": "^1.0.2",
diff --git a/website/yarn.lock b/website/yarn.lock
@@ -4804,14 +4804,22 @@ joi@^17.6.0:
   resolved "https://registry.yarnpkg.com/js-tokens/-/js-tokens-4.0.0.tgz#19203fb59991df98e3a287050d4647cdeaf32499"
   integrity sha512-RdJUflcE3cUzKiMqQgsCu06FPu9UdIJO0beYbPhHN4k6apgJtifcoCtT9bcxOpYBtpD2kCM6Sbzg4CausW/PKQ==
 
-js-yaml@^3.12.0, js-yaml@^3.13.1:
+js-yaml@^3.13.1:
   version "3.14.1"
   resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.1.tgz#dae812fdb3825fa306609a8717383c50c36a0537"
   integrity sha512-okMH7OXXJ7YrN9Ok3/SXrnu4iX9yOk+25nqX4imS2npuvTYDmo/QEZoqwZkYaIDk3jVvBOTOIEgEhaLOynBS9g==
   dependencies:
     argparse "^1.0.7"
     esprima "^4.0.0"
 
+js-yaml@^3.14.2:
+  version "3.14.2"
+  resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-3.14.2.tgz#77485ce1dd7f33c061fd1b16ecea23b55fcb04b0"
+  integrity sha512-PMSmkqxr106Xa156c2M265Z+FTrPl+oxd/rgOQy2tijQeK5TxQ43psO1ZCwhVOSdnn+RzkzlRz/eY4BgJBYVpg==
+  dependencies:
+    argparse "^1.0.7"
+    esprima "^4.0.0"
+
 js-yaml@^4.1.0:
   version "4.1.0"
   resolved "https://registry.yarnpkg.com/js-yaml/-/js-yaml-4.1.0.tgz#c1fb65f8f5017901cdd2c951864ba18458a10602"
