DEV-3105: Upgrade werkzeug to fix vulnerability (#120)

mpsolano · web-flow · commit c8dc2b8b278a · 2024-11-04T09:21:33.000-06:00
diff --git a/requirements.txt b/requirements.txt
@@ -83,7 +83,7 @@ typing-extensions==4.5.0
     #   indexd (setup.py)
 urllib3==2.0.7
     # via requests
-werkzeug==3.0.4
+werkzeug==3.0.6
     # via
     #   flask
     #   indexd (setup.py)
diff --git a/setup.py b/setup.py
@@ -45,12 +45,12 @@
         "sqlalchemy-utils>=0.32",
         "psycopg2>=2.7",
         "cdislogging>=1.0",
-        "requests>=2.32.2",  # pinned for DEV-2844 (POAM)
+        "requests>=2.32.2",
         "ddtrace>=2.9.1",
         "importlib-metadata>=1.4",
         # jsonschema-spec 0.1.6 depends on typing-extensions<4.6.0
         "typing-extensions<4.6.0",
-        "zipp>=3.19.1",  # pinned for DEV-2842 (POAM)
-        "werkzeug>=3.0.3",  # pinned for DEV-2704 (POAM)
+        "zipp>=3.19.1",
+        "werkzeug>=3.0.6",
     ],
 )
