From 7dd70fa3002f97da7e03c53af7280b5a5ca380a2 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 26 Aug 2024 18:51:35 +0000
Subject: [PATCH] fix: requirements/base.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7435780
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436273
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436514
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436646
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642790
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642791
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642813
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642814
- https://snyk.io/vuln/SNYK-PYTHON-DJANGOALLAUTH-7413652
- https://snyk.io/vuln/SNYK-PYTHON-DJANGOALLAUTH-7577207
- https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORK-7252137
- https://snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-WAGTAIL-6226331
- https://snyk.io/vuln/SNYK-PYTHON-WAGTAIL-6226332
- https://snyk.io/vuln/SNYK-PYTHON-WAGTAIL-7172128
- https://snyk.io/vuln/SNYK-PYTHON-WAGTAIL-7443632
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements/base.txt | 11 +++++++----
 1 file changed, 7 insertions(+), 4 deletions(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index 4fe9bca1..c2a72c74 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -1,5 +1,5 @@
 pytz==2023.3.post1  # https://github.com/stub42/pytz
-Pillow==10.2.0  # https://github.com/python-pillow/Pillow
+Pillow==10.3.0  # https://github.com/python-pillow/Pillow
 argon2-cffi==23.1.0  # https://github.com/hynek/argon2_cffi
 whitenoise==6.6.0  # https://github.com/evansd/whitenoise
 redis==5.0.1  # https://github.com/redis/redis-py
@@ -13,7 +13,7 @@ flower==2.0.1  # https://github.com/mher/flower
 django==5.0.3
 django-environ==0.11.2  # https://github.com/joke2k/django-environ
 django-model-utils==4.4.0  # https://github.com/jazzband/django-model-utils
-django-allauth==0.61.1  # https://github.com/pennersr/django-allauth
+django-allauth==0.63.6  # https://github.com/pennersr/django-allauth
 django-crispy-forms==2.1  # https://github.com/django-crispy-forms/django-crispy-forms
 crispy-bootstrap5==2024.2 # https://github.com/django-crispy-forms/crispy-bootstrap5
 django-compressor==4.4  # https://github.com/django-compressor/django-compressor
@@ -32,7 +32,7 @@ django_celery_results==2.5.1
 
 # Wagtail
 # ------------------------------------------------------------------------------
-wagtail==5.2.3  # https://github.com/wagtail/wagtail
+wagtail==6.0.5  # https://github.com/wagtail/wagtail
 
 # Wagtail Recaptcha
 # ------------------------------------------------------------------------------
@@ -86,4 +86,7 @@ urllib3==2.2.2
 iso639-lang==2.2.3
 feedparser==6.0.11
 requests>=2.32.2 # not directly required, pinned by Snyk to avoid a vulnerability
-certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file
+certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability
+dnspython>=2.6.1 # not directly required, pinned by Snyk to avoid a vulnerability
+sqlparse>=0.5.0 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file