[Snyk] Security upgrade @codecademy/gamut from 0.0.0-use.local to 1.1.0

[codecademydev]

Snyk has created this PR to fix 1 vulnerabilities in the yarn dependencies of this project.

Snyk changed the following file(s):

• packages/gamut-kit/package.json

Note for zero-installs users

If you are using the Yarn feature zero-installs that was introduced in Yarn V2, note that this PR does not update the .yarn/cache/ directory meaning this code cannot be pulled and immediately developed on as one would expect for a zero-install project - you will need to run yarn to update the contents of the ./yarn/cache directory.
If you are not using zero-install you can ignore this as your flow should likely be unchanged.

⚠️ Warning

Failed to update the yarn.lock, please update manually before merging.

Vulnerabilities that will be fixed with an upgrade:

	Issue
	Uncontrolled Recursion SNYK-JS-YAML-15765520

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[codecov]

⚠️ JUnit XML file not found

The CLI was unable to find any JUnit XML files to upload.
For more help, visit our troubleshooting guide.

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 9fe1aef3c5

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

[chatgpt-codex-connector]

Keep gamut-kit on the workspace gamut release line

This change downgrades @codecademy/gamut from 68.2.1 to 1.1.0, while the in-repo workspace package is still 68.2.1 (packages/gamut/package.json). Because the version no longer matches, Yarn stops resolving this dependency to workspace:packages/gamut (currently represented in yarn.lock as @codecademy/gamut@npm:68.2.1, @codecademy/gamut@workspace:packages/gamut) and will pull the published 1.1.0 package instead, so gamut-kit no longer builds/tests against the local monorepo source.

Useful? React with 👍 / 👎.

[chatgpt-codex-connector]

Regenerate lockfile for the new gamut dependency

The dependency spec was changed without updating yarn.lock. Our shared CI action (.github/actions/yarn/action.yml) runs yarn install --immutable, and Yarn's --help explicitly states this mode exits with an error if the lockfile would be modified. Since the lockfile currently has no @codecademy/gamut@npm:1.1.0 entry, workflows using this action will fail during dependency installation until the lockfile is updated.

Useful? React with 👍 / 👎.