Fix Dependabot security vulnerabilities in yaml, picomatch, flatted (#1525)

- Updated yaml from 2.8.2 to 2.8.3 (direct dependency, #154)
- Added picomatch@4 override to resolve to ^4.0.4 (transitive, #153)
- Added flatted override to resolve to ^3.4.2 (transitive, #149)

Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

Author: priyanshu92