Merge pull request #605 from actions/dependabot/npm_and_yarn/yaml-2.3.4

Bump yaml from 2.3.3 to 2.3.4

dist/index.js

@@ -38749,7 +38749,7 @@ class Directives {
                 onError('Verbatim tags must end with a >');
             return verbatim;
         }
-        const [, handle, suffix] = source.match(/^(.*!)([^!]*)$/);
+        const [, handle, suffix] = source.match(/^(.*!)([^!]*)$/s);
         if (!suffix)
             onError(`The ${source} tag has no suffix`);
         const prefix = this.tags[handle];

package-lock.json

@@ -23,7 +23,7 @@
         "spdx-expression-parse": "^3.0.1",
         "spdx-satisfies": "^5.0.1",
         "ts-jest": "^29.1.1",
-        "yaml": "^2.3.3",
+        "yaml": "^2.3.4",
         "zod": "^3.22.3"
       },
       "devDependencies": {
@@ -8145,9 +8145,9 @@
       "integrity": "sha512-a4UGQaWPH59mOXUYnAG2ewncQS4i4F43Tv3JoAM+s2VDAmS9NsK8GpDMLrCHPksFT7h3K6TOoUNn2pb7RoXx4g=="
     },
     "node_modules/yaml": {
-      "version": "2.3.3",
-      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.3.3.tgz",
-      "integrity": "sha512-zw0VAJxgeZ6+++/su5AFoqBbZbrEakwu+X0M5HmcwUiBL7AzcuPKjj5we4xfQLp78LkEMpD0cOnUhmgOVy3KdQ==",
+      "version": "2.3.4",
+      "resolved": "https://registry.npmjs.org/yaml/-/yaml-2.3.4.tgz",
+      "integrity": "sha512-8aAvwVUSHpfEqTQ4w/KMlf3HcRdt50E5ODIQJBw1fQ5RL34xabzxtUlzTXVqc4rkZsPbvrXKWnABCD7kWSmocA==",
       "engines": {
         "node": ">= 14"
       }

package.json

@@ -39,7 +39,7 @@
     "spdx-expression-parse": "^3.0.1",
     "spdx-satisfies": "^5.0.1",
     "ts-jest": "^29.1.1",
-    "yaml": "^2.3.3",
+    "yaml": "^2.3.4",
     "zod": "^3.22.3"
   },
   "devDependencies": {