chore(deps): bump js-yaml to fix prototype pollution in merge (#5709)

Fixes prototype pollution via merge (<<) in two series:
- 3.x: bumps 3.14.1 -> 3.14.2 via parent-scoped resolutions for the
  four 3.x consumers (@istanbuljs/load-nyc-config, @yarnpkg/parsers,
  cosmiconfig, front-matter), preserving 3.x API compatibility
- 4.x: bumps 4.1.0 -> 4.1.1 via unscoped resolution

Co-authored-by: Claude Sonnet 4.6 <noreply@anthropic.com>
Co-authored-by: LucasZF <lucas-zimerman1@hotmail.com>

Author: 3 people

package.json

@@ -60,6 +60,11 @@
   ],
   "resolutions": {
     "appium-chromedriver@npm:5.6.73/@xmldom/xmldom": "0.8.10",
+    "@istanbuljs/load-nyc-config@npm:1.1.0/js-yaml": "^3.14.2",
+    "@yarnpkg/parsers@npm:3.0.0-rc.46/js-yaml": "^3.14.2",
+    "cosmiconfig@npm:5.2.1/js-yaml": "^3.14.2",
+    "front-matter@npm:4.0.2/js-yaml": "^3.14.2",
+    "js-yaml": "^4.1.1",
     "ajv-formats@npm:2.1.1/ajv": "^8.18.0",
     "appium@npm:2.4.1/ajv": "^8.18.0",
     "detox@npm:20.46.0/ajv": "^8.18.0",

yarn.lock

@@ -23433,26 +23433,15 @@ __metadata:
   languageName: node
   linkType: hard
 
-"js-yaml@npm:4.1.0, js-yaml@npm:^4.1.0":
-  version: 4.1.0
-  resolution: "js-yaml@npm:4.1.0"
+"js-yaml@npm:^3.14.2":
+  version: 3.14.2
+  resolution: "js-yaml@npm:3.14.2"
   dependencies:
-    argparse: "npm:^2.0.1"
-  bin:
-    js-yaml: bin/js-yaml.js
-  checksum: c7830dfd456c3ef2c6e355cc5a92e6700ceafa1d14bba54497b34a99f0376cecbb3e9ac14d3e5849b426d5a5140709a66237a8c991c675431271c4ce5504151a
-  languageName: node
-  linkType: hard
-
-"js-yaml@npm:^3.10.0, js-yaml@npm:^3.13.1":
-  version: 3.14.1
-  resolution: "js-yaml@npm:3.14.1"
-  dependencies:
-    argparse: "npm:^1.0.7"
-    esprima: "npm:^4.0.0"
+    argparse: ^1.0.7
+    esprima: ^4.0.0
   bin:
     js-yaml: bin/js-yaml.js
-  checksum: bef146085f472d44dee30ec34e5cf36bf89164f5d585435a3d3da89e52622dff0b188a580e4ad091c3341889e14cb88cac6e4deb16dc5b1e9623bb0601fc255c
+  checksum: 626fc207734a3452d6ba84e1c8c226240e6d431426ed94d0ab043c50926d97c509629c08b1d636f5d27815833b7cfd225865631da9fb33cb957374490bf3e90b
   languageName: node
   linkType: hard