From 26c8689577f145c2ff6fb074d61921d9f2a238bc Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Wed, 23 Oct 2024 22:27:09 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CELERY-2314953
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672
- https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-7856105
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements.txt | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 96e1c1a..69f6ad1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,14 +1,18 @@
 --index-url https://pypi.dev.twilio.com/simple/
-Flask==2.0.1
-requests==2.25.1
-gunicorn==20.1.0
+Flask==2.2.5
+requests==2.32.2
+gunicorn==22.0.0
 python-json-logger==2.0.1
 jira==2.0.0
-celery==5.1.2
+celery==5.2.2
 redis==3.5.3
 datadog==0.6.0
 PyGithub==1.53
 cryptography==3.4.6
 PyYAML==5.4
-jsonschema==3.2.0
\ No newline at end of file
+jsonschema==3.2.0
+idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability
+werkzeug>=3.0.3 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file
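Review bot: The added floor `werkzeug>=3.0.3` sits next to `Flask==2.2.5`, and the Flask 2.2 line was written against Werkzeug 2.x. As far as I recall, Flask 2.2.x declares only a lower bound on Werkzeug, so pip will accept the pair, but it still imports helpers that Werkzeug 3.0 removed and the app may fail at import time. Confirm with `pip check` and an application start in CI before merging; if Werkzeug 3 is needed to clear the advisory, Flask probably has to move to a release line that supports it. Separately, the four new entries use `>=` while every other line is an exact `==` pin, so installs are no longer reproducible and any newer release on the configured index is pulled in without review. Prefer exact pins such as `idna==3.7`, ideally in a constraints file installed with `--require-hashes`.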