From 6ffbaab01816875bc1d4d83d995e1f0e9b9eafd6 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 29 May 2024 18:03:35 +0000
Subject: [PATCH] fix: requirements/requirements_dev.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-BANDIT-6241859
- https://snyk.io/vuln/SNYK-PYTHON-BLACK-6256273
- https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
---
 requirements/requirements_dev.txt | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/requirements/requirements_dev.txt b/requirements/requirements_dev.txt
index 1fa5c171..3366db12 100644
--- a/requirements/requirements_dev.txt
+++ b/requirements/requirements_dev.txt
@@ -15,8 +15,8 @@
 -r requirements_extensions.txt
 -r requirements_multiprocessing.txt
 -r requirements_pygame.txt
-bandit>=1.7.4
-black>=22.3.0
+bandit>=1.7.7
+black>=24.3.0
 coveralls>=3.3.1
 doc8>=0.11.2
 #mccabe>=0.7.0
@@ -41,3 +41,5 @@ tox>=3.25.0
 twine>=4.0.1
 types-six>=1.1.1
 wheel>=0.37.1
+fonttools>=4.43.0 # not directly required, pinned by Snyk to avoid a vulnerability
+requests>=2.32.0 # not directly required, pinned by Snyk to avoid a vulnerability