chore: replace deprecated serde_yaml with serde_yml

[anshul-garg27]

Summary

• Replace serde_yaml = "0.9.34" with serde_yml = "0.0" in Cargo.toml
• Update 4 call sites in src/generate_skills.rs from serde_yaml::from_str to serde_yml::from_str

Why

serde_yaml is deprecated by its author — the version string in Cargo.lock shows 0.9.34+deprecated. The crate will not receive security fixes or maintenance updates.

serde_yml is the actively maintained community fork with an identical from_str API, making this a drop-in replacement.

Test plan

• All 4 call sites updated
• No other serde_yaml references remain in src/
• Existing generate-skills tests continue to pass

[changeset-bot]

🦋 Changeset detected

Latest commit: 19a0f0b

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package

Name	Type
@googleworkspace/cli	Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

[gemini-code-assist]

Summary of Changes

Hello, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses the deprecation of the serde_yaml crate by migrating to its actively maintained community fork, serde_yml. This change ensures the project relies on a supported library for YAML serialization and deserialization, preventing potential security vulnerabilities and maintenance issues. The migration involved updating the project's dependencies and adjusting the relevant code calls to the new crate, which offers an identical API for a seamless transition.

Highlights

• Dependency Update: Replaced the deprecated serde_yaml crate with serde_yml in Cargo.toml to ensure continued maintenance and security updates.
• Code Migration: Updated four call sites in src/generate_skills.rs to use serde_yml::from_str instead of serde_yaml::from_str, reflecting the dependency change.

Changelog

• .changeset/chore-replace-serde-yaml.md
  • Added a new changeset file for this chore.
• Cargo.toml
  • Replaced serde_yaml with serde_yml as a dependency.
  • Updated the version of serde_yml to 0.0.
• src/generate_skills.rs
  • Updated serde_yaml::from_str calls to serde_yml::from_str in handle_generate_skills function for persona and recipe registries.
  • Modified serde_yaml::from_str calls to serde_yml::from_str within the test_registry_references test function.

Activity

• No specific activity (comments, reviews, or progress updates) was provided in the context.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for GitHub and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Generative AI Prohibited Use Policy, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request correctly replaces the deprecated serde_yaml crate with its maintained community fork, serde_yml. The changes are straightforward and correctly applied at all call sites. My main feedback is regarding the version specification for serde_yml in Cargo.toml. Using "0.0" is too broad and could lead to future build issues. I've suggested a more specific version to improve dependency stability.

[gemini-code-assist]

Using "0.0" for the version of serde_yml is not recommended as it is equivalent to a wildcard *. This can pull in breaking changes unexpectedly, especially for pre-1.0 crates where minor versions can introduce breaking changes. It's better to specify a more restrictive version to ensure build stability. The latest version of serde_yml is 0.9.1. Using "0.9" would be a safer choice, as it allows for patch updates within the 0.9.x series but prevents pulling in a potentially breaking 0.10.0 release.

Suggested change

	serde_yml = "0.0"
	serde_yml = "0.9"