From 204cefb5935f966dc18b933c290a6369002bf571 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 7 May 2024 19:55:49 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
---
 requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 286018f2f..89248aa2a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9,7 +9,8 @@ gunicorn
 django-heroku
 whitenoise
 django-allauth
-Jinja2==2.7.2
+Jinja2==3.1.4
 python-etcd==0.4.5
 urllib3==1.25.9
 #test push should not push ddd
+werkzeug>=3.0.3 # not directly required, pinned by Snyk to avoid a vulnerability