From 5320fac5767962317d8a88094ab2858159da0b77 Mon Sep 17 00:00:00 2001 
From: snyk-bot Date: Wed, 7 Aug 2024 07:51:33 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389002 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389021 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606966 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606969 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2940618 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2968205 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3319450 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5496950 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5750790 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5880505 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5932095 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6041515 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6370660 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7435780 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436273 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436514 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436646 - https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORK-7252137 - https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORKSIMPLEJWT-3104636 - https://snyk.io/vuln/SNYK-PYTHON-FUTURE-3180414 - https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-5426157 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - 
https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
---
 requirements.txt | 23 ++++++++++++-----------
 1 file changed, 12 insertions(+), 11 deletions(-)
diff --git a/requirements.txt b/requirements.txt
index ffec3333..c608a9cc 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,11 +3,11 @@ Babel==2.9.1
 backports-abc==0.5
 billiard==3.6.1.0
 celery==4.4.0
-certifi==2017.4.17
+certifi==2023.7.22
 chardet==3.0.4
 coreapi==2.3.3
 coreschema==0.0.4
-Django==2.2.26
+Django==4.2.14
 #django-celery-beat==1.1.1
 django-celery-beat==2.0.0
 django-celery-results==2.0.1
@@ -17,13 +17,13 @@ django-debug-toolbar==3.2.2
 django-extensions==2.1.9
 django-rest-swagger==2.2.0
 django-timezone-field==4.0
-djangorestframework>=3.11.2
+djangorestframework>=3.15.2
 djangorestframework-datatables==0.6.0
 flower==0.9.2
-future==0.16.0
+future==0.18.3
 futures==3.1.1
-gunicorn==20.0.4
-idna==2.5
+gunicorn==22.0.0
+idna==3.7
 importlib-metadata==0.23
 itypes==1.1.0
 Jinja2==2.11.3
@@ -43,23 +43,23 @@ python-magic==0.4.15
 #python-magic-bin==0.4.14
 python-memcached==1.59
 pytz==2019.2
-requests==2.25.1
+requests==2.32.2
 simplejson==3.16.0
 singledispatch==3.4.0.3
 six==1.10.0
-sqlparse==0.4.2
+sqlparse==0.5.0
 supervisor==4.2.1
 thehive4py==1.8.1
 tornado==5.1
 tzlocal==1.5.1
 uritemplate==3.0.0
-urllib3==1.26.5
+urllib3==1.26.19
 vine==1.3.0
-Werkzeug==2.0.1
+Werkzeug==3.0.3
 zipp==0.6.0
 django-filter==2.4.0
 django-cors-headers==3.2.0
-djangorestframework-simplejwt==4.4.0
+djangorestframework-simplejwt==5.2.2
 django-health-check==3.12.1
 psutil==5.7.0
 django-organizations==1.1.2
@@ -67,3 +67,4 @@ django-annoying==0.10.6
 django-reset-migrations
 django-dbconn-retry
 cpe==1.2.1
+setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability
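Review bot: `Django==4.2.14` in the first hunk moves the project from the 2.2 series straight to 4.2, but the Django add-ons pinned around it stay where they were: `django-celery-beat==2.0.0` and `django-celery-results==2.0.1` in this hunk, `django-debug-toolbar==3.2.2`, `django-rest-swagger==2.2.0` and `django-timezone-field==4.0` in the second. Those releases appear to predate Django 4.2, so the set may not resolve or may fail at import, and a security PR that cannot be deployed leaves the vulnerable pins running. The file also still pins Python 2 backports (`futures==3.1.1`, `singledispatch==3.4.0.3`, `backports-abc==0.5`), while Django 4.2 needs Python 3.8 or newer, so confirm the runtime first. Install into a clean environment, run `pip check` and the test suite, and bump the add-ons in the same change.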
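Review bot: Two bumps in the third hunk cross a major version and deserve a manual look rather than an automated merge: `djangorestframework-simplejwt==5.2.2` (from 4.4.0) and `Werkzeug==3.0.3` (from 2.0.1). simplejwt sits on the authentication path, so before deploying check the `SIMPLE_JWT` settings, signing algorithm and token lifetimes against the 5.x release notes and apply any token-blacklist migrations. Werkzeug 3.x drops APIs that were deprecated in 2.x; `django-extensions==2.1.9` in the second hunk is presumably what uses it, and that older release may not work with it.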
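Review bot: `setuptools>=70.0.0` in the last hunk is an open-ended range, so every rebuild can pick up a different setuptools. The same holds for `djangorestframework>=3.15.2` in the second hunk and for the unpinned `django-reset-migrations` and `django-dbconn-retry` context lines just above it. For a reproducible and auditable install, pin exact versions (`setuptools==70.0.0`, or whichever release you validate) and consider a hashed lock installed with `pip install --require-hashes`. This line also only upgrades setuptools inside the target environment; the copy used by the build image or CI bootstrap may be set elsewhere and would need the same floor.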