From 96db3adc8fedf92d95f4fec4192b2faac46bd06f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 6 May 2024 20:09:22 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6592767
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
---
 requirements.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index eb6eaf43..3681d0ed 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -18,7 +18,7 @@ cloudpickle==3.0.0
 colorama==0.4.6
 coolname==2.2.0
 croniter==2.0.3
-cryptography==42.0.5
+cryptography==42.0.6
 dateparser==1.2.0
 db-dtypes==1.2.0
 dnspython==2.6.1
@@ -50,7 +50,7 @@ hpack==4.0.0
 httpcore==1.0.4
 httpx==0.27.0
 hyperframe==6.0.1
-idna==3.6
+idna==3.7
 importlib-metadata==7.0.1
 importlib_resources==6.1.3
 itsdangerous==2.1.2
@@ -131,3 +131,4 @@ validators==0.22.0
 websocket-client==1.7.0
 websockets==12.0
 zipp==3.17.0
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability