From cbdb27670ae2d05c28d930edb5e5defb7d9c2405 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 20 Aug 2024 02:37:51 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CELERY-2314953
- https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements.txt | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 1a2c062..a06b732 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -5,7 +5,7 @@ arrow==0.17.0
 billiard==3.6.3.0
 black==20.8b1
 blinker==1.4
-celery==5.0.5
+celery==5.2.2
 certifi==2020.12.5
 chardet==4.0.0
 click==7.1.2
@@ -18,7 +18,7 @@ Flask-DebugToolbar==0.11.0
 Flask-Migrate==2.6.0
 Flask-SQLAlchemy==2.4.4
 Flask-WTF==0.14.3
-gunicorn==20.0.4
+gunicorn==22.0.0
 idna==2.10
 itsdangerous==1.1.0
 Jinja2==2.11.3
@@ -50,3 +50,5 @@ vine==5.0.0
 wcwidth==0.2.5
 Werkzeug==1.0.1
 WTForms==2.3.3
+setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability