chore(deps-dev): Bump yaml from 2.8.2 to 2.8.3

[dependabot]

Bumps yaml from 2.8.2 to 2.8.3.

Release notes

Sourced from yaml's releases.

v2.8.3

• Add trailingComma ToString option for multiline flow formatting (#670)
• Catch stack overflow during node composition (1e84ebb)

Commits

• ce14587 2.8.3
• 1e84ebb fix: Catch stack overflow during node composition
• 6b24090 ci: Include Prettier check in lint action
• 9424dee chore: Refresh lockfile
• d1aca82 Add trailingComma ToString option for multiline flow formatting (#670)
• 4321509 ci: Drop the branch filter from GitHub PR actions
• 47207d0 chore: Update docs-slate
• 5212fae chore: Update docs-slate
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
coding-drills	Ready	Preview, Comment	Mar 27, 2026 3:52am

[entelligence-ai-pr-reviews]

---

Confidence Score: 5/5 - Safe to Merge

Safe to merge — this PR performs a straightforward patch-level dependency bump of the yaml dev dependency from 2.8.2 to 2.8.3 in package-lock.json, updating the resolved tarball URL and integrity hash accordingly. As a dev dependency, yaml is not included in production bundles, limiting any risk surface. No logic, runtime, or security issues were identified by the automated review, and the change is entirely mechanical and verifiable against the published npm registry entry for yaml@2.8.3.

Key Findings:

• The yaml package is listed as a dev dependency, meaning this bump has zero impact on production runtime behavior and only affects the development/build toolchain.
• The change is limited to package-lock.json — updating the resolved URL and integrity SHA-512 hash — which is the expected and correct artifact for a patch version bump with no manual code changes.
• Patch-level semver bumps (2.8.2 → 2.8.3) are conventionally reserved for bug fixes and do not introduce breaking changes, further reducing merge risk.
• No review comments were generated and no pre-existing unresolved concerns are present, confirming this is a clean, low-risk dependency maintenance update.

Files requiring special attention

• package-lock.json