From f33544350e3518e62e412b9295e1fff9813e71ed Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 3 May 2025 07:38:45 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-GEVENT-9919772
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-9964606
---
 requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 50cf7f5..f12ef75 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -18,7 +18,7 @@ requests==2.21.0
 Flask-DebugToolbar==0.10.1
 Flask-WTF==0.14.2
 gunicorn==19.8.1
-gevent==1.3.7
+gevent==25.4.1
 itsdangerous==1.1.0
 python-slugify==1.2.6
 packtools==2.4.3
@@ -33,3 +33,4 @@ articlemetaapi==1.26.4
 prometheus-client==0.5.0
 beautifulsoup4==4.6.3
 mock==2.0.0
+setuptools>=78.1.1 # not directly required, pinned by Snyk to avoid a vulnerability