--format yml outputs invalid YAML

[halfbyte]

Steps to Reproduce:

1. run gemsurance --format yml on a project that has vulnerabilities
2. run ruby -e "require 'yaml';YAML.load_file('gemsurance_report.yml')"

the yaml output format currently is broken, as it does not quote fields where quoting is necessary (most notably, patched_versions fields).

I'd also like to question the general idea of rendering out formats like YAML with erb, as this raises the risk of introducing format errors.

As output seems to be work in progress anyway, should I try to fix this in a PR? Or is this currently worked on anyway and therefore makes no sense for me to touch it?

Thanks for the great gem, btw!

[jonkessler]

Looks like this will be addressed with #27

[jonkessler]

Fixed by #27