From 634dca0b6a33e14d713324610d77ebf7918bba5e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 4 Nov 2022 04:13:02 +0000
Subject: [PATCH] fix: giza/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-174126
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-455616
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-42159
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-559098
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151
---
 giza/requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/giza/requirements.txt b/giza/requirements.txt
index 51052ec40..bf915f4e9 100644
--- a/giza/requirements.txt
+++ b/giza/requirements.txt
@@ -12,7 +12,7 @@ giza==0.5.7a0
 hieroglyph==0.7.1
 idna==2.0
 ipaddress==1.0.16
-Jinja2==2.8
+Jinja2==2.11.3
 jira==1.0.3
 libgiza==0.2.7
 MarkupSafe==0.23
@@ -25,7 +25,7 @@ pycparser==2.14
 Pygments==2.1.1
 pyOpenSSL==0.15.1
 pytz==2015.7
-PyYAML==3.11
+PyYAML==5.4
 requests==2.9.1
 requests-oauthlib==0.6.0
 requests-toolbelt==0.6.0