From 20c11f7a2f997044a7009a6d878e7a423f78535c Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 12 Jun 2024 14:34:20 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3172287
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3314966
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315324
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315328
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315331
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315452
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315972
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315975
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316038
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316211
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5663682
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5777683
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813745
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813746
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813750
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6210214
- https://snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1014645
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-174323
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-174464
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5969479
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-72681
---
 requirements.txt | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 71fc92e..6e96a98 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -14,14 +14,14 @@ cffi==1.10.0
 constantly==15.1.0
 coreapi==2.3.0
 coreschema==0.0.4
-cryptography==1.8.1
+cryptography==42.0.2
 cssselect==1.0.1
 Django==1.11
 django-cors-headers==2.0.2
 django-filter==1.0.2
 django-rest-swagger==2.1.2
 djangorestframework==3.6.2
-dnspython==1.15.0
+dnspython==2.6.1
 docutils==0.13.1
 editdistance==0.3.1
 elasticsearch==5.3.0
@@ -29,7 +29,7 @@ enum34==1.1.6
 Faker==0.7.11
 futures==3.1.1
 Geohash==1.0
-idna==2.5
+idna==3.7
 incremental==16.10.1
 ipaddress==1.0.18
 itypes==1.1.0
@@ -69,7 +69,7 @@ stripe==1.53.0
 Twisted==16.6.0
 typing==3.6.1
 uritemplate==3.0.0
-urllib3==1.21
+urllib3==1.26.18
 vine==1.1.3
 w3lib==1.17.0
 XlsxWriter==0.9.6
@@ -77,4 +77,5 @@ zope.interface==4.4.0
 kombu==3.0.37
 google-cloud-pubsub==0.28.3
 google-cloud-storage==1.4.0
-grpcio==1.4.0
\ No newline at end of file
+grpcio==1.4.0
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file