From 6da167709eaee0e4375808d4ac692c5b3f353a0c Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 17 Nov 2022 19:02:17 +0000
Subject: [PATCH] fix: giza/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-174126
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-455616
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-42159
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-559098
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-72435
---
 giza/requirements.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/giza/requirements.txt b/giza/requirements.txt
index 51052ec40..18a285674 100644
--- a/giza/requirements.txt
+++ b/giza/requirements.txt
@@ -12,7 +12,7 @@ giza==0.5.7a0
 hieroglyph==0.7.1
 idna==2.0
 ipaddress==1.0.16
-Jinja2==2.8
+Jinja2==2.11.3
 jira==1.0.3
 libgiza==0.2.7
 MarkupSafe==0.23
@@ -25,8 +25,8 @@ pycparser==2.14
 Pygments==2.1.1
 pyOpenSSL==0.15.1
 pytz==2015.7
-PyYAML==3.11
-requests==2.9.1
+PyYAML==5.4
+requests==2.20
 requests-oauthlib==0.6.0
 requests-toolbelt==0.6.0
 rstcloth==0.2.5