From 1a8898aff3b4c203372782f290e7ba18f9380b2e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 10 Nov 2022 05:42:16 +0000
Subject: [PATCH] fix: requirements/testing.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-YAMALE-1537938
- https://snyk.io/vuln/SNYK-PYTHON-YAMALE-1769275
---
 requirements/testing.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements/testing.txt b/requirements/testing.txt
index 02cb89d92a1..17c4011ccb8 100644
--- a/requirements/testing.txt
+++ b/requirements/testing.txt
@@ -19,7 +19,7 @@ execnet==1.7.1
 # (Pinned to 4.4.2 since what we need for testing is still useful)
 Mercurial==4.4.2  # pyup: ignore
 
-yamale==2.2.0  # pyup: <3.0
+yamale==4.0.0  # pyup: <3.0
 pytest-mock==3.3.1
 
 # local debugging tools