yaml.v2 version bump to fix CVE-2019-11254

[jimmystewpot]

Hello,

The included version of gopkg.in/yaml.v2 (v2.2.2) has a reported vulnerability of CVE-2019-11254. To resolve the vulnerability the version has been upgraded to v2.2.8.

The testify libraries have also been bumped from 1.4.0 to 1.7.0 to avoid the same vulnerability.

As per the contributors document the make test and make lint targets have both successfully completed on Go version 1.13. The tests will fail on Go 1.16 due to the following bug bug.

[codecov]

Codecov Report

Merging #936 (65cac8f) into master (c23abee) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##           master     #936   +/-   ##
=======================================
  Coverage   98.27%   98.27%           
=======================================
  Files          44       44           
  Lines        1974     1974           
=======================================
  Hits         1940     1940           
  Misses         27       27           
  Partials        7        7           

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update c23abee...65cac8f. Read the comment docs.

[jimmystewpot]

Is there something missing from this PR which is blocking a review?

[abhinav]

Apologies for the delay. This looks fine. Thanks!