From 82d3dbdec45cb650fda0e9a3cbd007385e635e95 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 12 Jul 2024 11:19:22 +0000
Subject: [PATCH] fix: requirements/prod.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
---
 requirements/prod.txt | 3 +++
 1 file changed, 3 insertions(+)
 mode change 100755 => 100644 requirements/prod.txt

diff --git a/requirements/prod.txt b/requirements/prod.txt
old mode 100755
new mode 100644
index 5567a3301..0d67b037b
--- a/requirements/prod.txt
+++ b/requirements/prod.txt
@@ -8,3 +8,6 @@ Flask-WTF==0.15.1
 email_validator==1.1.3
 python-dotenv==0.19.1
 prometheus-flask-exporter==0.18.5
+idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability
+jinja2>=3.1.4 # not directly required, pinned by Snyk to avoid a vulnerability
+werkzeug>=2.2.3 # not directly required, pinned by Snyk to avoid a vulnerability