build(deps): bump github.com/zclconf/go-cty-yaml from 1.1.0 to 1.2.0

[dependabot]

Bumps github.com/zclconf/go-cty-yaml from 1.1.0 to 1.2.0.

Changelog

Sourced from github.com/zclconf/go-cty-yaml's changelog.

1.2.0 (December 17, 2025)

• The YAML decoder now has more complete support for tag:yaml.org,2002:merge, including support for merging a sequence of mappings rather than just a single mapping.

  Unfortunately the specification for this tag is terse and incomplete, and other existing implementations disagree even with the few behaviors that are described in the specification, so this library implements behavior that matches existing implementations while diverging slightly from the spec:

  • The untagged scalar value << is resolved as tag:yaml.org,2002:merge only in the mapping key position. In all other positions it's resolved as a normal string, "<<". Writing out the tag explicitly instead of using the shorthand is allowed in mapping key position and rejected as an error in all other positions.
  • Multiple merge keys can appear in the same mapping, and will each be handled separately as if they had all been written as a single merge.
  • Later mentions of a key override earlier mentions of a key in all cases. This is the main deviation from the spec text: the spec requires that the earliest mention of each key takes priority when merging, but that is the opposite of the normal behavior for duplicate keys in a mapping (without merging) and other implementations seem to ignore that exception.

  There are a few other implementations that disagree with what this library implements. That's unfortunate, but unavoidable because existing implementations are in conflict with one another already. The choices in this implementation were based on a survey of various other popular implementatins and will not be changed in a breaking way after this release.

Commits

• 85d6bca v1.2.0 release
• 229f481 Allow a !!merge key to be used with a sequence of mappings
• 5da71a8 Add GitHub funding metadata
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)