[deps] Bump Pyyaml to 6.0 (#56)

ldionne · web-flow · commit 239d683ded46 · 2025-10-06T09:32:30.000-04:00
This resolves a number of Dependatbot alerts. Also, this moves the pinning down of
the depedency from setup.py to requirements.txt, which is apparently best practice.
diff --git a/requirements.server.txt b/requirements.server.txt
@@ -3,3 +3,4 @@
 psycopg2==2.8
 gunicorn==19.9.0
 progressbar2
+pyyaml==6.0
diff --git a/setup.py b/setup.py
@@ -126,11 +126,11 @@
         "itsdangerous==0.24",
         "python-gnupg==0.3.7",
         "pytz==2016.10",
+        "pyyaml",
         "WTForms==2.0.2",
         "Flask-WTF==0.12",
         "typing",
         "click==6.7",
-        "pyyaml==5.1.2",
         "requests",
         "certifi"
     ],
