build(deps): bump github.com/mikefarah/yq/v4 from 4.53.2 to 4.53.3 in /aws-cli

[dependabot]

Bumps github.com/mikefarah/yq/v4 from 4.53.2 to 4.53.3.

Release notes

Sourced from github.com/mikefarah/yq/v4's releases.

v4.53.3

• Add --ini-preserve-quotes flag for INI round-trip quote preservation (#2728) Thanks @​toller892!
• Fix: reset INI decoder state on init (#2719) Thanks @​xieby1!
• Fix: decode properties array bracket paths (#2693) Thanks @​cyphercodes!
• Fix: preserve floats with trailing zero when encoding YAML to JSON (#2701) Thanks @​ChrisJr404!
• Fix: JSON to TOML root scope and null handling (#2689) Thanks @​LovesAsuna!
• Fix: reset TOML decoder finished flag on Init for multi-doc evaluation (#2704) Thanks @​terminalchai!
• Fix: reset TOML decoder between files when evaluating all at once (#2685) Thanks @​terminalchai!
• Fix: preserve TOML inline table array scope (#2694) Thanks @​cyphercodes!
• Fix: preserve empty TOML arrays in tables (#2686) Thanks @​cyphercodes!
• Fix: TOML encoder uses inline tables for YAML FlowStyle mappings (#2687)
• Fix nested inline YAML merge explode (#2699) Thanks @​cyphercodes!
• Fix repeatString overflow test on 32-bit platforms (#2680) Thanks @​jandubois!
• Bumped dependencies

Changelog

Sourced from github.com/mikefarah/yq/v4's changelog.

4.53.3:

• Add --ini-preserve-quotes flag for INI round-trip quote preservation (#2728) Thanks @​toller892!
• Fix: reset INI decoder state on init (#2719) Thanks @​xieby1!
• Fix: decode properties array bracket paths (#2693) Thanks @​cyphercodes!
• Fix: preserve floats with trailing zero when encoding YAML to JSON (#2701) Thanks @​ChrisJr404!
• Fix: JSON to TOML root scope and null handling (#2689) Thanks @​LovesAsuna!
• Fix: reset TOML decoder finished flag on Init for multi-doc evaluation (#2704) Thanks @​terminalchai!
• Fix: reset TOML decoder between files when evaluating all at once (#2685) Thanks @​terminalchai!
• Fix: preserve TOML inline table array scope (#2694) Thanks @​cyphercodes!
• Fix: preserve empty TOML arrays in tables (#2686) Thanks @​cyphercodes!
• Fix: TOML encoder uses inline tables for YAML FlowStyle mappings (#2687)
• Fix nested inline YAML merge explode (#2699) Thanks @​cyphercodes!
• Fix repeatString overflow test on 32-bit platforms (#2680) Thanks @​jandubois!
• Bumped dependencies

Commits

• 1b9b4ac Bumping version
• 9b67d65 Portable bump version
• f8850c0 Preparting release
• c5a3423 Refining
• 196a99e Agent disclosure
• fa99bf1 Merging agents
• 7111761 docs: add AGENTS.md with Cursor Cloud development instructions (#2735)
• 0cb1bbe Fixing test
• 8fc8eed Minor doc update
• 7620a72 fix: reset INI decoder state on init (#2719)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 2 package(s) with unknown licenses.

See the Details below.

License Issues

aws-cli/go.mod

Package	Version	License	Issue Type
golang.org/x/net	0.55.0	Null	Unknown License
golang.org/x/sys	0.45.0	Null	Unknown License

Allowed Licenses:

0BSD, Apache-2.0, BSD-2-Clause, BSD-3-Clause, CC0-1.0, MIT, MIT-0

OpenSSF Scorecard

Package	Version	Score	Details
gomod/github.com/mikefarah/yq/v4	4.53.3	🟢 7.4	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 16 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Code-Review ⚠️ 1 Found 3/25 approved changesets -- score normalized to 1 Dependency-Update-Tool 🟢 10 update tool detected Security-Policy 🟢 10 security policy file detected Binary-Artifacts 🟢 10 no binaries found in the repo Token-Permissions 🟢 10 GitHub workflow tokens follow principle of least privilege Pinned-Dependencies 🟢 9 dependency not pinned by hash detected -- score normalized to 9 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Packaging 🟢 10 packaging workflow detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches SAST 🟢 10 SAST tool is run on all commits Fuzzing ⚠️ 0 project is not fuzzed CI-Tests 🟢 10 9 out of 9 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 20 contributing companies or organizations
gomod/golang.org/x/net	0.55.0	Unknown	Unknown
gomod/golang.org/x/sys	0.45.0	Unknown	Unknown

Scanned Files

• aws-cli/go.mod