From acca7e2e61e8e1653c9b2e7c48ea3cf305ada43e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 17 Nov 2025 11:37:55 +0000
Subject: [PATCH] fix: packages/@vue/cli/package.json to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JSYAML-13961110
---
 packages/@vue/cli/package.json | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/packages/@vue/cli/package.json b/packages/@vue/cli/package.json
index 8115502b15..89f007bcff 100644
--- a/packages/@vue/cli/package.json
+++ b/packages/@vue/cli/package.json
@@ -28,7 +28,7 @@
   },
   "dependencies": {
     "@vue/cli-shared-utils": "^3.0.0-rc.3",
-    "@vue/cli-ui": "^3.0.0-rc.3",
+    "@vue/cli-ui": "^5.0.0",
     "@vue/cli-ui-addon-webpack": "^3.0.0-rc.3",
     "chalk": "^2.3.0",
     "cmd-shim": "^2.0.2",
@@ -44,7 +44,7 @@
     "inquirer": "^6.0.0",
     "isbinaryfile": "^3.0.2",
     "javascript-stringify": "^1.6.0",
-    "js-yaml": "^3.10.0",
+    "js-yaml": "^4.1.1",
     "klaw-sync": "^3.0.2",
     "lodash.clonedeep": "^4.5.0",
     "minimist": "^1.2.0",