From 7f12bf81c9c8a9abccf47d7a3c79445ecf8b5e6a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 3 Jul 2024 06:55:15 +0000
Subject: [PATCH] fix: backend_app/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-5798483
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6057353
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091621
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091622
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091623
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209406
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209407
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6645291
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6808823
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3172287
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3314966
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315324
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315328
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315331
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315452
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315972
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315975
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316038
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316211
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5663682
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5777683
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813745
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813746
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813750
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6092044
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6149518
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6157248
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6210214
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6261585
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6592767
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6913422
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329158
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329159
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329160
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389002
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389021
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606966
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606969
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2940618
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2968205
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3319450
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5496950
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5750790
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5880505
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5932095
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6041515
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6370660
- https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORK-7252137
- https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORKSIMPLEJWT-3104636
- https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-PYJWT-2840625
- https://snyk.io/vuln/SNYK-PYTHON-PYMONGO-7172112
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-5426157
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
---
 backend_app/requirements.txt | 28 +++++++++++++++-------------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/backend_app/requirements.txt b/backend_app/requirements.txt
index 1d128035..ae5c96ba 100644
--- a/backend_app/requirements.txt
+++ b/backend_app/requirements.txt
@@ -1,18 +1,18 @@
-aiohttp==3.8.1
+aiohttp==3.9.4
 amqp==2.5.2
 asgiref==3.3.4
 async-timeout==4.0.1
 attrs==19.3.0
 billiard==3.6.1.0
 celery==4.4.0
-certifi==2019.11.28
+certifi==2023.7.22
 chardet==3.0.4
 coreapi==2.3.3
 coreschema==0.0.4
 cpe==1.2.1
 cvsslib==0.6.0
 deepdiff==4.2.0
-Django==3.1.14
+Django==3.2.25
 django-annoying==0.10.6
 django-celery-beat==2.0.0
 django-celery-results==2.0.0
@@ -24,16 +24,16 @@ django-organizations==1.1.2
 django-simple-history==2.12.0
 django-timezone-field==4.0
 django-webpack-loader==0.6.0
-djangorestframework==3.12.2
-djangorestframework-simplejwt==4.4.0
+djangorestframework==3.15.2
+djangorestframework-simplejwt==5.2.2
 drf-yasg==1.20.0
 future==0.18.2
-gunicorn==20.0.4
-idna==2.8
+gunicorn==22.0.0
+idna==3.7
 importlib-metadata==1.4.0
 inflection==0.3.1
 itypes==1.1.0
-Jinja2==2.11.3
+Jinja2==3.1.4
 jmespath==0.10.0
 kombu==4.6.7
 MarkupSafe==1.1.1
@@ -45,14 +45,14 @@ openapi-codec==1.3.2
 ordered-set==3.1.1
 packaging==20.3
 psycopg2==2.9.0
-PyJWT==1.7.1
-pymongo==3.10.1
+PyJWT==2.4.0
+pymongo==4.6.3
 pyparsing==2.4.6
 python-crontab==2.4.0
 python-dateutil==2.8.1
 python-twitter==3.5
 pytz==2019.3
-requests==2.25.1
+requests==2.32.2
 requests-oauthlib==1.3.0
 ruamel.yaml==0.16.10
 ruamel.yaml.clib==0.2.0
@@ -60,12 +60,12 @@ s3transfer==0.3.3
 simplejson==3.17.0
 six==1.13.0
 slackclient==2.5.0
-sqlparse==0.4.2
+sqlparse==0.5.0
 supervisor==4.1.0
 tqdm==4.56.0
 typing-extensions==3.7.4.3
 uritemplate==3.0.1
-urllib3==1.26.5
+urllib3==1.26.19
 vine==1.3.0
 yarl==1.4.2
 zipp==0.6.0
@@ -74,3 +74,5 @@ botocore==1.19.25
 django-cachalot==2.5.1
 python-memcached==1.59
 django-auth-adfs==1.9.5
+cryptography>=42.0.8 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability