From e486d4d0c4c4cc62ed91eb503f86fad63b59446f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 23 Dec 2023 16:23:52 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
---
 requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index fec373ef..7b8e407d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,10 +3,11 @@ fastapi>=0.78.0,<1
 gunicorn>=20.1.0,<21
 Jinja2>=3.1.2,<4
 pydantic[email]>=1.9.1,<2
-requests>=2.28.1,<3
+requests>=2.31.0,<3
 tenacity>=8.0.1,<9
 typer>=0.4.1,<1
 uvicorn[standard]>=0.17.6,<1
 logzio-python-handler
 ddtrace
 protobuf>=3.20.2 # not directly required, pinned by Snyk to avoid a vulnerability
+certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability