From bf6a82fcacc45e247806ae2440be91815b366ffc Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 8 Jul 2024 06:30:41 +0000
Subject: [PATCH 1/4] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 2ea14248..d1c20b8d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -5,5 +5,5 @@ pyjwt~=2.8.0  # https://github.com/jpadilla/pyjwt
 requests~=2.32.0 # https://github.com/psf/requests
 typing-extensions~=4.11.0 # https://github.com/python/typing_extensions
 frozendict~=2.4.3 # https://github.com/Marco-Sulla/python-frozendict
-certifi~=2024.2.2 # https://github.com/certifi/python-certifi
+certifi~=2024.7.4 # https://github.com/certifi/python-certifi
 

From dea43aec913c3a3abd6991a0b6525ae9ec757f06 Mon Sep 17 00:00:00 2001
From: Koman Rudden <komanrudden@gmail.com>
Date: Thu, 15 Jan 2026 06:02:44 +0200
Subject: [PATCH 2/4] chore: update requirements.txt to remove pyjwt dependency
 duplication

---
 requirements.txt | 1 -
 1 file changed, 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 01f43079..db622767 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,6 @@
 urllib3~=2.2.1  # https://github.com/urllib3/urllib3
 python-dateutil~=2.9.0.post0 # https://github.com/dateutil/dateutil
 Authlib~=1.3.0 # https://github.com/lepture/authlib
-pyjwt~=2.8.0  # https://github.com/jpadilla/pyjwt
 requests~=2.32.0 # https://github.com/psf/requests
 typing-extensions~=4.11.0 # https://github.com/python/typing_extensions
 frozendict~=2.4.3 # https://github.com/Marco-Sulla/python-frozendict

From a2d00fa8dec12ac03b54a42ae260091fa0c5a527 Mon Sep 17 00:00:00 2001
From: Koman Rudden <komanrudden@gmail.com>
Date: Thu, 15 Jan 2026 06:05:38 +0200
Subject: [PATCH 3/4] chore: clean up requirements.txt by removing duplicate
 dependencies

---
 requirements.txt | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index db622767..9d740116 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,10 +1,4 @@
-urllib3~=2.2.1  # https://github.com/urllib3/urllib3
-python-dateutil~=2.9.0.post0 # https://github.com/dateutil/dateutil
-Authlib~=1.3.0 # https://github.com/lepture/authlib
 requests~=2.32.0 # https://github.com/psf/requests
-typing-extensions~=4.11.0 # https://github.com/python/typing_extensions
-frozendict~=2.4.3 # https://github.com/Marco-Sulla/python-frozendict
-certifi~=2024.7.4 # https://github.com/certifi/python-certifi
 # Core dependencies
 django>=4.2.0,<5.0.0
 python-dotenv>=1.0.0

From eba390ee180a64293be7fb8c8298de4e455f106e Mon Sep 17 00:00:00 2001
From: Koman Rudden <komanrudden@gmail.com>
Date: Fri, 16 Jan 2026 05:51:25 +0200
Subject: [PATCH 4/4] Removed duplicate requests dependency after changes from
 Snyk

---
 requirements.txt | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 9d740116..000876cd 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,8 +1,7 @@
-requests~=2.32.0 # https://github.com/psf/requests
+requests~=2.32.0
 # Core dependencies
 django>=4.2.0,<5.0.0
 python-dotenv>=1.0.0
-requests>=2.32.2
 cryptography>=41.0.0
 pyjwt>=2.10.0
 fastapi>=0.110.0