Bumped yaml language server version

[golergka]

It includes this fix of mine: https://github.com/redhat-developer/yaml-language-server/pull/735

[netlify[bot]]

✅ Deploy Preview for monaco-yaml ready!

Built without sensitive environment variables

Name	Link
🔨 Latest commit	6d986586b5459457cfc78806c487c23bb7a98519
🔍 Latest deploy log	https://app.netlify.com/sites/monaco-yaml/deploys/62de7870b3207d00085b03fd
😎 Deploy Preview	https://deploy-preview-182--monaco-yaml.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site settings.

[golergka]

Also, I have what probably is stupid question: why is yaml language server a dev dependency?... Isn't it used for yaml checking at runtime?

[remcohaszing]

Thanks you for this contribution, and also for the upstream fix!

It concerns me a bit that yaml-language-server now uses ajv. In my experience this package causes content security policy issues, because it evaluates generated code. Could you make sure this isn’t the case? I’ve just added a content security policy for the Netlify deployments, so rebasing should be sufficient.

Also, I have what probably is stupid question: why is yaml language server a dev dependency?... Isn't it used for yaml checking at runtime?

I’ll answer this first, because it’s relevant. Also it’s not a stupid question. :)

yaml-language-server has some dependencies that require special attention. To take away the burden of dealing with this from users, they are resolved by monaco-yaml. This is done in build.js. As you can see, most of that file is about redirecting dependencies.

If the ajv dependency causes CSP issues as I suspect, they need to be stubbed similar to vscode-nls.

Also don’t worry about the playwright failure. Playwright tends to timeout, this is unrelated to this PR.

[remcohaszing]

Thanks for your PR and especially for the upstream fix!

I updated yaml-language-server and stubbed ajv` in #189 instead.