From d8279bc7991c3a1651ad990fba542ce0091a1743 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Sat, 24 Aug 2024 11:40:33 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements.txt | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 933cc38..488fc68 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,13 +2,13 @@ astroid==2.14.2
 autopep8==2.0.1
 click==8.1.3
 dill==0.3.6
-Flask==2.2.2
+Flask==2.2.5
 Flask-SQLAlchemy==3.0.2
 greenlet==2.0.1
 invoke==2.0.0
 isort==5.12.0
 itsdangerous==2.1.2
-Jinja2==3.1.2
+Jinja2==3.1.4
 lazy-object-proxy==1.9.0
 MarkupSafe==2.1.2
 mccabe==0.7.0
@@ -23,5 +23,6 @@ SQLAlchemy==1.4.46
 tomli==2.0.1
 tomlkit==0.11.6
 typing_extensions==4.4.0
-Werkzeug==2.2.2
+Werkzeug==3.0.3
 wrapt==1.14.1
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
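Review bot: In the second hunk, `Werkzeug==3.0.3` is a major-version jump from 2.2.2, while the first hunk keeps Flask on the 2.2 line (`Flask==2.2.5`). As far as I know Flask 2.2.x was not released against Werkzeug 3 and may fail at import time on helpers removed in 3.0, so this pair should be confirmed with a clean install plus an application import and test run before merging. If it does break, either move Flask (and check `Flask-SQLAlchemy==3.0.2`) to a release line that supports Werkzeug 3, or pick a Werkzeug version inside Flask's supported range and track the advisories that remain open. Separately, `zipp>=3.19.1` is the only open-ended specifier in an otherwise exactly pinned file, so installs are no longer reproducible for that package; I would write `zipp==3.19.1  # not directly required, pinned by Snyk to avoid a vulnerability`.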