fix(deps): [release-2.8] bump yaml to ^2.8.3 (SNYK-JS-YAML-15765520)

yaml is reachable in frontend/src (rp-connect pipeline parsing, MCP
config, yaml-label-sync — 5+ direct imports), so this is a direct-dep
fix rather than a .snyk dismissal.

Before:
  - yaml@2.7.0 (direct — vulnerable)
  - yaml@2.6.1 (via vitest/ast-v8-to-istanbul chain — vulnerable)
  - yaml@1.10.2 ×3 (via @emotion/css > babel-plugin-macros > cosmiconfig
    — vulnerable even though dev/build-only)

After: all 5 resolve to yaml@2.8.3 via the single overrides/resolutions
entry. Snyk scan confirms 0 yaml findings post-fix.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

Author: malinskibeniamin

frontend/bun.lock

@@ -37,7 +37,8 @@
     "prismjs": "^1.30.0",
     "path-to-regexp": "1.9.0",
     "@remix-run/node": "^2.17.4",
-    "@remix-run/router": "^1.23.2"
+    "@remix-run/router": "^1.23.2",
+    "yaml": "^2.8.3"
   },
   "dependencies": {
     "@chakra-ui/icons": "^2.1",
@@ -90,7 +91,7 @@
     "tailwind-merge": "^3.0.2",
     "tailwindcss": "^4.0.17",
     "uuid": "^11.1.0",
-    "yaml": "^2.7.0",
+    "yaml": "^2.8.3",
     "zod": "^3.24.2"
   },
   "devDependencies": {
@@ -132,6 +133,7 @@
   },
   "resolutions": {
     "react-error-overlay": "6.0.11",
-    "immer": "9.0.7"
+    "immer": "9.0.7",
+    "yaml": "^2.8.3"
   }
 }