From 40a8cff5927457eb06f978cb5283eab9789c452d Mon Sep 17 00:00:00 2001
From: Houkun <houkun.zhu@getyourguide.com>
Date: Tue, 14 Apr 2026 12:01:37 +0200
Subject: [PATCH] AIP-211: upgrade pytest to >=9.0.3 to fix vulnerable tmpdir
 handling

Addresses Dependabot alert #19 (MODERATE severity). The previous
constraint ^6.2 allowed versions with insecure temporary directory
handling.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pyproject.toml b/pyproject.toml
index 5020303..963a6a7 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -21,7 +21,7 @@ requests = "^2.23.3"
 ddataflow = 'ddataflow.ddataflow:main'
 
 [tool.poetry.dev-dependencies]
-pytest = "^6.2"
+pytest = ">=9.0.3"
 
 [build-system]
 requires = ["poetry-core>=1.0.0"]