fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
RedFoxFinn · Aug 24, 2024 · d8279bc · d8279bc
1 parent 2ac514f
commit d8279bc
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -2,13 +2,13 @@ astroid==2.14.2
 autopep8==2.0.1
 click==8.1.3
 dill==0.3.6
-Flask==2.2.2
+Flask==2.2.5
 Flask-SQLAlchemy==3.0.2
 greenlet==2.0.1
 invoke==2.0.0
 isort==5.12.0
 itsdangerous==2.1.2
-Jinja2==3.1.2
+Jinja2==3.1.4
 lazy-object-proxy==1.9.0
 MarkupSafe==2.1.2
 mccabe==0.7.0
@@ -23,5 +23,6 @@ SQLAlchemy==1.4.46
 tomli==2.0.1
 tomlkit==0.11.6
 typing_extensions==4.4.0
-Werkzeug==2.2.2
+Werkzeug==3.0.3
 wrapt==1.14.1
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability