Update dependency js-yaml to v5

[gardener-ci-robot]

This PR contains the following updates:

Package	Change	Age	Confidence
js-yaml	^4.1.0 → ^5.0.0

---

Release Notes

nodeca/js-yaml (js-yaml)

v5.1.0

Compare Source

Added

• Collection tags can finalize an incrementally populated carrier into a
  different result value.

Changed

• [breaking] quoteStyle now selects the preferred quote style; use the
  restored forceQuotes option to force quoting non-key strings.

v5.0.0

Compare Source

Added

• Added named exports for schemas, tags, parser events and AST utilities.
• Reworked JSON_SCHEMA and CORE_SCHEMA with spec-compliant scalar resolution
  rules, and added YAML11_SCHEMA.
• Added realMapTag for lossless mappings with non-string and complex keys.
  Object-based mappings now reject complex keys instead of stringifying them.
• Added dump() transform option for changing the generated AST before
  rendering.
• Added dump() options seqInlineFirst, flowBracketPadding,
  flowSkipCommaSpace, flowSkipColonSpace, quoteFlowKeys, quoteStyle and
  tagBeforeAnchor.
• Added formal data layers (events and AST) for modular data pipelines.
  • Added low-level parser (to events), presenter and visitor APIs.
• Added the YAML Test Suite to the
  test set.

Changed

• See the migration guide for upgrade notes.
• Rewritten in TypeScript and reorganized the public API around flat named
  exports.
• Reduced the set of exported schemas:
  • YAML 1.2 schemas: CORE_SCHEMA (loader default), JSON_SCHEMA,
    FAILSAFE_SCHEMA.
  • YAML11_SCHEMA, a combination of all YAML 1.1 tags (YAML 1.1 does not
    specify a schema, only "types").
• load/dump default behaviour is now specified exactly via schemas:
  • load uses CORE_SCHEMA, without !!merge by default.
  • dump uses YAML11_SCHEMA + CORE_SCHEMA for the quoting check, to
    guarantee backward compatibility by default.
• !!set is now loaded as a JavaScript Set.
• Replaced the Type API with a tags API. Similar, but more precise and
  simpler. See examples for details. Tags can be defined via
  defineScalarTag(), defineSequenceTag() and defineMappingTag(), or as a
  spread + override of an existing tag.
• Renamed Schema.extend() to Schema.withTags().
• Expanded YAML 1.2 conformance and improved handling of directives, document
  markers, block keys, multiline scalars, tag syntax and other things.
• load() now throws on empty input instead of returning undefined.
• Moved browser builds to the js-yaml/browser export.
• Deprecated the loadAll signature with an iterator (still works, but is a
  candidate for removal).

Removed

• Removed deprecated safeLoad(), safeLoadAll() and safeDump() exports.
• Removed DEFAULT_SCHEMA and the nested types export.
• Removed loader options onWarning, legacy and listener.
• Removed dumper options styles, replacer, noCompatMode, condenseFlow,
  quotingType and forceQuotes. Renamed noArrayIndent to seqNoIndent.
  Formatting and representation are now configured through presenter options,
  schemas and tag definitions. See migration guide on how to replace.
• Removed support for importing internal files from lib/.

v4.3.0

Compare Source

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate.

[coderabbitai]

📝 Walkthrough

Walkthrough

Upgrades the js-yaml dependency from ^4.1.0 to ^5.0.0 in backend/package.json, frontend/package.json, and packages/kube-config/package.json, and updates the Yarn PnP file (.pnp.cjs) with the new resolved version references and package metadata.

Changes

js-yaml v5 upgrade

Layer / File(s)	Summary
package.json version bumps backend/package.json, frontend/package.json, packages/kube-config/package.json	Bumps the js-yaml dependency version constraint from ^4.1.0 to ^5.0.0 in all three package manifests.
Yarn PnP lockfile updates .pnp.cjs	Updates three dependency list entries from js-yaml@npm:4.2.0 to js-yaml@npm:5.0.0 and inserts the new package metadata block for js-yaml@npm:5.0.0 with its packageLocation, packageDependencies (argparse, js-yaml@npm:5.0.0), and linkType: "HARD".

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Suggested labels

size/S

Suggested reviewers

• grolu
• holgerkoser
• klocke-io
• petersutter

Poem

🐇 A version bump, so small and neat,
From four to five — a tidy feat!
The YAML flows with a brand new hue,
PnP updated through and through.
Hop hop hooray, the lockfile's right,
js-yaml shines in fresh daylight! 🌟

🚥 Pre-merge checks | ✅ 4 | ❌ 1

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Description check	⚠️ Warning	The PR description is informative, but it does not follow the required template and is missing the categorization, issue, notes, and release-note fields.	Add the template sections with /area and /kind, a clear purpose statement, linked issue number, reviewer notes, and a filled release-note block or NONE.

✅ Passed checks (4 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title clearly and concisely summarizes the primary change: updating the js-yaml dependency to version 5.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

✨ Finishing Touches

📝 Generate docstrings

• Create stacked PR
• Commit on current branch

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch renovate/js-yaml-5.x

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands.}

[gardener-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign grolu for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment