From 7c5f0520ff654c9a649a22c33e35c368f4edf49b Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 31 Oct 2022 02:41:25 +0000
Subject: [PATCH] fix: test-requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108
- https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-2855277
- https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-40448
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-174126
- https://snyk.io/vuln/SNYK-PYTHON-NETWORKX-1062709
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-42159
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-559098
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151
---
 test-requirements.txt | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/test-requirements.txt b/test-requirements.txt
index a43df81f..dd21a885 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -8,3 +8,7 @@ pylint
 pytest
 # for integration and platform tests
 cloudify>=3.4.1
+bottle>=0.12.20 # not directly required, pinned by Snyk to avoid a vulnerability
+jinja2>=2.11.3 # not directly required, pinned by Snyk to avoid a vulnerability
+networkx>=2.6 # not directly required, pinned by Snyk to avoid a vulnerability
+pyyaml>=5.4 # not directly required, pinned by Snyk to avoid a vulnerability