From db96b8e5bb3a5dcabcd545606e58c34807a5d7eb Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Fri, 27 Sep 2024 03:41:47 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-BLACK-6256273
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements.txt | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 13a1165..1a1ea83 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,7 @@
 alembic==1.7.5
 appdirs==1.4.4
 bcrypt==3.2.0
-black==21.12b0
+black==24.3.0
 blinker==1.4
 certifi==2021.10.8
 cffi==1.15.0
@@ -11,7 +11,7 @@ coverage==6.2
 dnspython==2.2.0
 email-validator==1.1.3
 flake8==3.8.4
-Flask==1.1.2
+Flask==2.2.5
 Flask-Bcrypt==0.7.1
 Flask-Login==0.5.0
 Flask-Migrate==2.7.0
@@ -21,7 +21,7 @@ Flask-Testing==0.8.1
 Flask-WTF==1.0.0
 idna==3.3
 itsdangerous==2.0.1
-Jinja2==3.0.3
+Jinja2==3.1.4
 Mako==1.1.6
 MarkupSafe==2.0.1
 mccabe==0.6.1
@@ -43,5 +43,6 @@ twilio==6.63.2
 typed-ast==1.5.2
 typing-extensions==4.0.1
 urllib3==1.26.8
-Werkzeug==2.0.2
+Werkzeug==3.0.3
 WTForms==3.0.0
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
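Review bot: The new pins in the second through fourth hunks are unlikely to work together with the context lines they leave unchanged: `Werkzeug==3.0.3` sits next to `MarkupSafe==2.0.1` and `Flask-Login==0.5.0`, and `Flask==2.2.5` is paired with a Werkzeug major release it predates. As far as I know, Werkzeug 3.x declares MarkupSafe>=2.1.1, Flask-Login 0.5.0 imports `safe_str_cmp` (removed in Werkzeug 2.1), and Flask 2.2.x imports `url_quote` (removed in Werkzeug 3.0), so the install may fail to resolve or the app may fail at import, which usually ends with the security bump being reverted. Before merging, install into a clean virtualenv, run `pip check` and the test suite, and move the companion pins (MarkupSafe, Flask-Login, and either Flask or Werkzeug) in the same commit. In the last hunk, `zipp>=3.19.1` is the only open range in an otherwise exact-pinned file; `zipp==3.19.1  # not directly required, pinned by Snyk to avoid a vulnerability` keeps builds reproducible.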