From 4b91bdfcbeed5c7d5429a7c76b834e2f1ae343e4 Mon Sep 17 00:00:00 2001
From: Nick Clyde <nick@clyde.tech>
Date: Tue, 5 Nov 2024 06:55:31 -0800
Subject: [PATCH] [Snyk] Security upgrade mysql-connector-python from 8.0.33 to
 9.1.0 (#2790)

fix: containers/record-linkage/requirements.txt to reduce vulnerabilities


The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-MYSQLCONNECTORPYTHON-8225083

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: austin-hall-skylight <austin.hall@skylight.digital>
---
 containers/record-linkage/requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/containers/record-linkage/requirements.txt b/containers/record-linkage/requirements.txt
index 135e69f75f..c9df55101a 100644
--- a/containers/record-linkage/requirements.txt
+++ b/containers/record-linkage/requirements.txt
@@ -7,4 +7,5 @@ fhirpathpy
 pandas>2.0.0
 sqlalchemy
 rapidfuzz
-pyarrow>=14.0.1
\ No newline at end of file
+pyarrow>=14.0.1
+mysql-connector-python>=9.1.0 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file