From 1ab6f74f6e15a7c8b50bfa7cd5900dd4130ec0cb Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 25 Apr 2024 00:51:38 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-5798483
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6057353
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091621
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091622
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091623
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209406
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209407
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6645291
- https://snyk.io/vuln/SNYK-PYTHON-DATEPARSER-1063229
- https://snyk.io/vuln/SNYK-PYTHON-DATEPARSER-6096127
- https://snyk.io/vuln/SNYK-PYTHON-ETHABI-6085292
- https://snyk.io/vuln/SNYK-PYTHON-ETHABI-6394102
- https://snyk.io/vuln/SNYK-PYTHON-ETHKEYFILE-2391482
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-MPMATH-1729743
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-SYMPY-6084333
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
- https://snyk.io/vuln/SNYK-PYTHON-WEBSOCKETS-1582792
---
 requirements.txt | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 754094d..f1b0951 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,16 +1,21 @@
-aiohttp==3.8.1
+aiohttp==3.9.4
 cytoolz==0.11.2
-dateparser==1.0.0
+dateparser==1.1.6
 ecdsa==0.16.0
 eth_keys
 eth-account>=0.4.0,<0.6.0
-mpmath==1.0.0
+mpmath==1.3.0
 pytest>=4.4.0,<5.0.0
 requests-mock==1.6.0
-requests==2.22.0
+requests==2.31.0
 setuptools==50.3.2
 six==1.14
-sympy==1.6
+sympy==1.12
 tox==3.25.0
 web3>=5.0.0,<6.0.0
 importlib-metadata>=1.6.1
+eth-abi>=5.0.1 # not directly required, pinned by Snyk to avoid a vulnerability
+eth-keyfile>=0.6.0 # not directly required, pinned by Snyk to avoid a vulnerability
+idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=1.26.18 # not directly required, pinned by Snyk to avoid a vulnerability
+websockets>=10.0 # not directly required, pinned by Snyk to avoid a vulnerability