From 26f289cfa1413938f61217251807ced6ae115d15 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Tue, 2 Jan 2024 02:41:04 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CELERY-2314953
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
---
 requirements.txt | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 96e1c1a..4441e29 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,14 +1,16 @@
 --index-url https://pypi.dev.twilio.com/simple/
-Flask==2.0.1
-requests==2.25.1
+Flask==2.2.5
+requests==2.31.0
 gunicorn==20.1.0
 python-json-logger==2.0.1
 jira==2.0.0
-celery==5.1.2
+celery==5.2.2
 redis==3.5.3
 datadog==0.6.0
 PyGithub==1.53
 cryptography==3.4.6
 PyYAML==5.4
-jsonschema==3.2.0
\ No newline at end of file
+jsonschema==3.2.0
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
+werkzeug>=2.3.8 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file
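Review bot: The two added transitive entries, `setuptools>=65.5.1` and `werkzeug>=2.3.8`, are open-ended lower bounds rather than pins, even though their comments say "pinned" and every other line in the file uses `==`. With no upper bound, two builds from the same commit can install different versions. The resolver is also free to pick a later major Werkzeug release, which may not be compatible with the `Flask==2.2.5` pinned above; that should be verified before merging. To keep the file reproducible, either pin exactly (`setuptools==65.5.1`, `werkzeug==2.3.8`) or cap the range (`werkzeug>=2.3.8,<3`). A comment on each line naming the advisory it addresses would tell a later maintainer when the constraint can be dropped.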