chore: fix remaining ajv dependabot alert

[jonathannorris]

Summary

• Added ajv@^8.0.0 resolution to force 8.18.0, fixing the last open dependabot alert (DVC-5297 React initialization options #135)

Motivation

ajv-formats@2.1.1 depends on ajv@^8.0.0 which yarn resolved separately to 8.17.1 (vulnerable to ReDoS via $data option), while the ^8.9.0 range from schema-utils already resolved to the patched 8.18.0. The resolution ensures both ranges resolve to the same patched version.

[Copilot]

Pull request overview

This PR addresses a remaining Dependabot alert by forcing all ajv@^8.0.0 consumers to resolve to the patched ajv@8.18.0, avoiding Yarn installing both 8.17.1 (vulnerable) and 8.18.0 in parallel.

Changes:

• Added a Yarn resolutions override to pin ajv@^8.0.0 to 8.18.0.
• Updated yarn.lock so the resolved AJV v8 version is consistently 8.18.0 (with no remaining 8.17.1 entries).

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
package.json	Adds ajv@^8.0.0: 8.18.0 to resolutions to prevent vulnerable AJV v8 installs.
yarn.lock	Reflects the unified AJV v8 resolution at 8.18.0 and removes the previous 8.17.1 resolution entry.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

[cloudflare-workers-and-pages]

Deploying devcycle-docs with    Cloudflare Pages

Latest commit:	99720dd
Status:	✅  Deploy successful!
Preview URL:	https://97231947.devcycle-docs.pages.dev
Branch Preview URL:	https://chore-fix-remaining-dependab.devcycle-docs.pages.dev

View logs