From a2f47c3394e0f585d33cca5f186088d42174270e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 2 Nov 2023 02:08:31 +0000
Subject: [PATCH] fix: scripts/ci/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6041510
---
 scripts/ci/requirements.txt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/scripts/ci/requirements.txt b/scripts/ci/requirements.txt
index 2b5a8c96dbc06..49e13ebdb8388 100644
--- a/scripts/ci/requirements.txt
+++ b/scripts/ci/requirements.txt
@@ -93,3 +93,5 @@ thrift
 thrift_sasl
 unicodecsv
 zdesk
+tornado>=6.3.3 # not directly required, pinned by Snyk to avoid a vulnerability
+werkzeug>=3.0.1 # not directly required, pinned by Snyk to avoid a vulnerability