From c5f8b2d074f03f469e67a47eb6e7038656b9d568 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 1 Sep 2024 09:26:23 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-AUTOBAHN-1054590
- https://snyk.io/vuln/SNYK-PYTHON-BABEL-1278589
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3172287
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3314966
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315324
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315328
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315331
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315452
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315972
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315975
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316038
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316211
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5663682
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5777683
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813745
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813746
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813750
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6210214
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6913422
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-FUTURE-3180414
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-MAKO-3017600
- https://snyk.io/vuln/SNYK-PYTHON-MARSHMALLOW-72559
- https://snyk.io/vuln/SNYK-PYTHON-PASSLIB-569603
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1055461
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1055462
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1059090
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1080635
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1080654
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1081494
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1081501
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1081502
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1082329
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1082750
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090584
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090586
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090587
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090588
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1292150
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1292151
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1316216
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1319443
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2329135
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331901
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331905
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331907
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2397241
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-3113875
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-3113876
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-540746
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-541323
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-541324
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-541325
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-541326
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574573
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574574
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574575
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574576
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574577
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866
- https://snyk.io/vuln/SNYK-PYTHON-PROMPTTOOLKIT-6141120
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-1584201
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-5426157
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674
- https://snyk.io/vuln/SNYK-PYTHON-TQDM-6807582
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1014645
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-174323
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-174464
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5969479
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-WEBARGS-173773
- https://snyk.io/vuln/SNYK-PYTHON-WEBARGS-564231
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
- https://snyk.io/vuln/SNYK-PYTHON-WTFORMS-40581
---
 requirements.txt | 43 ++++++++++++++++++++++---------------------
 1 file changed, 22 insertions(+), 21 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 5e767a8..19b82cd 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,9 +1,9 @@
 alembic==1.0.11.dev0
 asn1crypto==0.24.0
 attrs==18.2.0
-autobahn==17.10.1
+autobahn==20.12.3
 Automat==0.6.0
-Babel==2.6.0
+Babel==2.9.1
 backports-abc==0.5
 backports.functools-lru-cache==1.5
 backports.shutil-get-terminal-size==1.0.0
@@ -12,7 +12,7 @@ beautifulsoup4==4.8.0
 blinker==1.4
 bottle==0.12.15
 cbor==1.0.0
-certifi==2018.8.24
+certifi==2023.7.22
 Chameleon==2.24
 chardet==3.0.4
 CherryTree==0.38.8
@@ -20,7 +20,7 @@ Click==7.0
 colorama==0.3.7
 configparser==3.5.0b2
 constantly==15.1.0
-cryptography==2.6.1
+cryptography==42.0.8
 cssselect==1.1.0
 Cython==0.29.14
 dbus-python==1.2.12
@@ -36,7 +36,7 @@ faradaysec==3.9.3
 feedparser==5.2.1
 filedepot==0.5.2
 filteralchemy==0.1.0
-Flask==1.1.1
+Flask==2.2.5
 Flask-BabelEx==0.9.3
 Flask-Classful==0.14.1
 Flask-KVSession==0.6.2
@@ -49,13 +49,13 @@ Flask-Session==0.3.1
 Flask-SQLAlchemy==2.4.0
 Flask-WTF==0.14.2
 FormEncode==1.3.0
-future==0.16.0
+future==0.18.3
 futures==3.3.0
 html2text==2019.8.11
 html5lib==1.0.1
 hupper==1.5
 hyperlink==17.3.1
-idna==2.6
+idna==3.7
 impacket==0.9.20
 incremental==16.10.1
 ipaddress==1.0.17
@@ -63,15 +63,15 @@ IPy==0.83
 ipython==5.8.0
 ipython-genutils==0.2.0
 itsdangerous==0.24
-Jinja2==2.10.1
+Jinja2==3.1.4
 jsbeautifier==1.6.4
 keyring==18.0.1
 keyrings.alt==3.2.0
 lxml==4.4.1
 lz4==2.1.10+dfsg
-Mako==1.0.7
+Mako==1.2.2
 MarkupSafe==1.1.0
-marshmallow==3.0.0b3
+marshmallow==3.0.0b9
 marshmallow-sqlalchemy==0.14.1
 mimerender==0.6.0
 netaddr==0.7.19
@@ -80,7 +80,7 @@ numpy==1.16.5
 olefile==0.46
 packaging==19.1
 paramiko==2.6.0
-passlib==1.7.1
+passlib==1.7.3
 Paste==3.2.2
 PasteDeploy==2.0.1
 PasteScript==2.0.2
@@ -89,11 +89,11 @@ peepdf==0.4.2
 pefile==2019.4.18
 pexpect==4.6.0
 pickleshare==0.7.5
-Pillow==6.2.0
+Pillow==10.3.0
 plaster==1.0
 plaster-pastedeploy==0.5
 prettytable==0.7.2
-prompt-toolkit==1.0.15
+prompt-toolkit==3.0.13
 psycopg2==2.8.4
 py-ubjson==0.14.0
 pyasn1==0.4.2
@@ -103,7 +103,7 @@ pycrypto==2.6.1
 pycryptodomex==3.6.1
 pydot==1.4.1
 pyenchant==2.0.0
-Pygments==2.3.1
+Pygments==2.15.0
 PyGObject==3.34.0
 pyinotify==0.9.6
 pylibemu==0.3.3
@@ -131,7 +131,7 @@ pyxdg==0.26
 PyYAML==5.1.2
 qrcode==6.1
 repoze.lru==0.7
-requests==2.21.0
+requests==2.32.2
 scandir==1.10.0
 scapy==2.4.3
 scgi==1.13
@@ -147,12 +147,12 @@ soupsieve==1.9.4
 speaklater==1.3
 SQLAlchemy==1.3.10
 sqlalchemy-schemadisplay==1.3
-sqlparse==0.2.4
+sqlparse==0.5.0
 syslog-rfc5424-formatter==1.2.2
 Tempita==0.5.2
 termcolor==1.1.0
 tornado==5.1.1
-tqdm==4.28.1
+tqdm==4.66.3
 traitlets==4.3.3
 translationstring==1.3
 trollius==2.0.1
@@ -161,22 +161,23 @@ txaio==2.10.0
 typing==3.6.6
 u-msgpack-python==2.1
 Unidecode==1.1.1
-urllib3==1.24.1
+urllib3==1.26.19
 uTidylib==0.5
 venusian==1.2.0
 waitress==1.2.0b2
 wcwidth==0.1.7
-webargs==5.1.2
+webargs==5.5.3
 webencodings==0.5.1
 WebOb==1.8.5
 websocket-client==0.53.0
 WebTest==2.0.32
-Werkzeug==0.16.0
+Werkzeug==3.0.3
 wifite==2.2.5
 wsaccel==0.6.2
-WTForms==2.2.1
+WTForms==2.3.0
 zope.component==4.3.0
 zope.deprecation==4.4.0
 zope.event==4.2.0
 zope.hookable==4.0.4
 zope.interface==4.6.0
+setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability