From a0c3fdd8138837c31112e541f8f840afd9037096 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 19 Nov 2025 08:44:55 +0000
Subject: [PATCH] fix: script/sync-ghes/package.json &
 script/sync-ghes/package-lock.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JSYAML-13961110
---
 script/sync-ghes/package-lock.json | 6 +++---
 script/sync-ghes/package.json      | 2 +-
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/script/sync-ghes/package-lock.json b/script/sync-ghes/package-lock.json
index ebcd318060..5d4e90948d 100644
--- a/script/sync-ghes/package-lock.json
+++ b/script/sync-ghes/package-lock.json
@@ -48,9 +48,9 @@
       "integrity": "sha512-eGuFFw7Upda+g4p+QHvnW0RyTX/SVeJBDM/gCtMARO0cLuT2HcEKnTPvhjV6aGeqrCB/sbNop0Kszm0jsaWU4A=="
     },
     "js-yaml": {
-      "version": "3.13.1",
-      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.13.1.tgz",
-      "integrity": "sha512-YfbcO7jXDdyj0DGxYVSlSeQNHbD7XPWvrVWeVUujrQEoZzWJIRrCPoyk6kL6IAjAG2IolMK4T0hNUe0HOUs5Jw==",
+      "version": "3.14.2",
+      "resolved": "https://registry.npmjs.org/js-yaml/-/js-yaml-3.14.2.tgz",
+      "integrity": "sha512-PMSmkqxr106Xa156c2M265Z+FTrPl+oxd/rgOQy2tijQeK5TxQ43psO1ZCwhVOSdnn+RzkzlRz/eY4BgJBYVpg==",
       "requires": {
         "argparse": "^1.0.7",
         "esprima": "^4.0.0"
diff --git a/script/sync-ghes/package.json b/script/sync-ghes/package.json
index c3c9872458..8f01ace924 100644
--- a/script/sync-ghes/package.json
+++ b/script/sync-ghes/package.json
@@ -14,6 +14,6 @@
     "typescript": "^3.9.2"
   },
   "dependencies": {
-    "js-yaml": "^3.13.1"
+    "js-yaml": "^3.14.2"
   }
 }