From 1bdc277c484de438c182a72da2c2487a9809ca16 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 12 Oct 2024 22:23:09 +0000
Subject: [PATCH] fix: py3_test_requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 py3_test_requirements.txt | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/py3_test_requirements.txt b/py3_test_requirements.txt
index 80c7b64..85a62d7 100644
--- a/py3_test_requirements.txt
+++ b/py3_test_requirements.txt
@@ -9,3 +9,7 @@ mock==1.0.1
 # git+https://github.com/spulec/moto.git@0.4.23#egg=moto
 moto==3.1.19
 -e .
+requests>=2.32.2 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
+werkzeug>=3.0.3 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability