Upgrading SnakeYAML and Spring Boot to address CVE-2022-1471
This upgrades the SnakeYAML dependency to be version 2.0, addressing a critical security vulnerability (CVE-2022-1471).
It required explicitly setting the dependency rather than allowing it to be inherited from Spring Boot.
I also upgrade Spring Boot to 2.7.10, because it was incompatible in obm!46 (merged), oqm!25 (merged), and osm!43 (merged); even though it wasn't failing the pipeline here.
Edited by David Diederich