diff --git a/go.mod b/go.mod
index 239093532..c6638bef3 100644
--- a/go.mod
+++ b/go.mod
@@ -6,7 +6,7 @@ require (
 	github.com/giantswarm/microerror v0.4.0
 	github.com/giantswarm/to v0.4.0
 	github.com/google/go-cmp v0.5.8
-	github.com/google/go-github/v39 v39.2.0
+	github.com/google/go-github/v53 v53.2.0
 	github.com/stretchr/testify v1.7.2
 	golang.org/x/oauth2 v0.0.0-20220608161450-d0670ef3b1eb
 	k8s.io/api v0.24.1
@@ -101,7 +101,7 @@ replace (
 	github.com/gorilla/websocket v1.4.0 => github.com/gorilla/websocket v1.4.2
 
 	// Mitigate a vulnerability in yaml.v1 < 2.2.8 (CVE-2019-11254)
-	gopkg.in/yaml.v2 => gopkg.in/yaml.v2 v2.2.8
+	gopkg.in/yaml.v3 => gopkg.in/yaml.v2 v3.0.1
 
 	sigs.k8s.io/cluster-api => sigs.k8s.io/cluster-api v1.0.4
 )