From 72c6b747febbf716d46626508835fff2acaf8e0f Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 8 May 2024 02:30:13 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-MAKO-3017600
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
---
 requirements.txt | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 7c931632b..32da4d695 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -6,7 +6,7 @@ coverage==6.1.2
 dnspython==2.1.0
 dominate==2.6.0
 email-validator==1.1.3
-Flask==2.0.2
+Flask==2.2.5
 Flask-Bootstrap==3.3.7.1
 Flask-Login==0.5.0
 Flask-Migrate==3.1.0
@@ -14,16 +14,16 @@ Flask-Moment==1.0.2
 Flask-SQLAlchemy==2.5.1
 Flask-WTF==0.15.1
 greenlet==1.1.2
-gunicorn==20.1.0
-idna==3.3
+gunicorn==22.0.0
+idna==3.7
 importlib-metadata==4.8.2
 importlib-resources==5.4.0
 iniconfig==1.1.1
 isort==5.10.1
 itsdangerous==2.0.1
-Jinja2==3.0.3
+Jinja2==3.1.4
 lazy-object-proxy==1.6.0
-Mako==1.1.5
+Mako==1.2.2
 MarkupSafe==2.0.1
 mccabe==0.6.1
 packaging==21.2
@@ -42,8 +42,9 @@ tomli==1.2.2
 typed-ast==1.5.0
 typing-extensions==3.10.0.2
 visitor==0.1.3
-Werkzeug==2.0.2
+Werkzeug==3.0.3
 wrapt==1.13.3
 WTForms==3.0.0
 zipp==3.6.0
 prometheus-flask-exporter==0.18.5
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
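Review bot: The new `Werkzeug==3.0.3` pin in the last hunk looks incompatible with pins this patch leaves untouched, so the security fixes may never reach a running deployment. Werkzeug 3.x declares `MarkupSafe>=2.1.1`, while the second hunk keeps `MarkupSafe==2.0.1` as a context line, so dependency resolution is likely to fail. Flask 2.2.x is, as far as I know, not written against Werkzeug 3.x, so `Flask==2.2.5` in the first hunk may fail at import, and the unchanged `Flask-Login==0.5.0` pin should be checked against the chosen Werkzeug as well. Move Flask, MarkupSafe and the Flask extensions to releases that support Werkzeug 3 in the same change, then confirm with a clean-environment install and a test run before merging. The added `setuptools>=65.5.1` line is an open range in an otherwise exactly pinned file, although its comment says "pinned"; an exact `==` pin would keep builds reproducible.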