From fa0bb387e8c998332519390a2a73a0340a02f13a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 20 Sep 2023 20:12:43 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
---
 requirements.txt | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 24ba256..3db26ff 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,9 @@
 beautifulsoup4==4.6.0
-flask>=0.12.3
+flask>=2.2.5
 tweepy==3.8.0
 gunicorn==19.10.0
 flask-cors==3.0.9
-requests>=2.20.0
+requests>=2.31.0
 Mastodon.py==1.6.3
+certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability
+werkzeug>=2.2.3 # not directly required, pinned by Snyk to avoid a vulnerability