Replace to gopkg.in/yaml with github.com/goccy/go-yaml (note)

[bep]

Fixes #8822

[bep]

• I think we need to see Panics from fuzzing goccy/go-yaml#540 fixed before merging this.
• Security issue: Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory. goccy/go-yaml#461

[bep]

With goccy/go-yaml#461 closed, I must also close this. For now, at least. I may revisit this if once I understand it better / find a workaround on Hugo's side. But re. Hugo's security policy, the templates are trusted, the content files are not. It's fairly common to print/marshal (e.g. jsonify) front matter values. So, even if the Go maps themselves isn't big, one could easily imagine the rendered output blow up with front matter constructs like the below:

---
title: Biiiig Front Matter
a: &a [_,_,_,_,_,_,_,_,_,_,_,_,_,_,_]
b: &b [*a,*a,*a,*a,*a,*a,*a,*a,*a,*a]
c: &c [*b,*b,*b,*b,*b,*b,*b,*b,*b,*b]
d: &d [*c,*c,*c,*c,*c,*c,*c,*c,*c,*c]
e: &e [*d,*d,*d,*d,*d,*d,*d,*d,*d,*d]
f: &f [*e,*e,*e,*e,*e,*e,*e,*e,*e,*e]
g: &g [*f,*f,*f,*f,*f,*f,*f,*f,*f,*f]
h: &h [*g,*g,*g,*g,*g,*g,*g,*g,*g,*g]
i: &i [*h,*h,*h,*h,*h,*h,*h,*h,*h,*h]
---

[bep]

I'll reopen; I have worked with this library in another project, and having those anchors/aliases is really useful. I will try to figure out a way to detect these anomalies in the Go map.