Update yaml to v2.2.2 to remedy CVE-2023-2251

[aukevanleeuwen]

More information:

• https://github.com/advisories/GHSA-f9xv-q969-pqx4
• https://nvd.nist.gov/vuln/detail/CVE-2023-2251

Fixes #2280

🤔 What's changed?

Updated yaml depenency to v2.2.2.

⚡️ What's your motivation?

Fixes vulnerability:

• https://github.com/advisories/GHSA-f9xv-q969-pqx4
• https://nvd.nist.gov/vuln/detail/CVE-2023-2251

🏷️ What kind of change is this?

• :bank: Refactoring/debt/DX (improvement to code design, tooling, documentation etc. without changing behaviour)

♻️ Anything particular you want feedback on?

No.

📋 Checklist:

• [x] I agree to respect and uphold the Cucumber Community Code of Conduct
• [ ] I've changed the behaviour of the code
  • [ ] I have added/updated tests to cover my changes.
• [ ] My change requires a change to the documentation.
  • [ ] I have updated the documentation accordingly.
• [ ] Users should know about my change
  • [ ] I have added an entry to the "Unreleased" section of the CHANGELOG, linking to this pull request.

[coveralls]

Coverage: 98.489%. Remained the same when pulling 536b75f2b80d436f7c8caec9d7a533d733aea2f8 on aukevanleeuwen:fix-2280-cve-on-yaml into c32b21ea897117177eaf539d4941f4f48618b8f2 on cucumber:main.

[aslakhellesoy]

Hi @aukevanleeuwen,

Thanks for your making your first contribution to Cucumber, and welcome to the Cucumber committers team! You can now push directly to this repo and all other repos under the cucumber organization! 🍾

In return for this generous offer we hope you will:

• ✅ Continue to use branches and pull requests. When someone on the core team approves a pull request (yours or someone else's), you're welcome to merge it yourself.
• 💚 Commit to setting a good example by following and upholding our code of conduct in your interactions with other collaborators and users.
• 💬 Join the community Slack channel to meet the rest of the team and make yourself at home.
• ℹ️ Don't feel obliged to help, just do what you can if you have the time and the energy.
• 🙋 Ask if you need anything. We're looking for feedback about how to make the project more welcoming, so please tell us!

On behalf of the Cucumber core team, Aslak Hellesøy Creator of Cucumber