From 3739584d97835aef63311e297cb7c4634ba126f0 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 22 Sep 2023 04:19:47 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-BOTOCORE-5812631
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
---
 requirements.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index b8b6f53..9ea2c0f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,9 +1,9 @@
 base58==0.2.3
 boto3==1.4.5
-botocore==1.4.42
+botocore==1.9.12
 click==6.6
 docutils==0.12
-Flask==1.0
+Flask==2.2.5
 futures==3.0.5
 hjson==2.0.0
 itsdangerous==0.24
@@ -21,7 +21,7 @@ s3transfer==0.1.1
 six==1.10.0
 tqdm==4.11.2
 Unidecode==0.4.19
-Werkzeug==0.15.5
+Werkzeug==2.2.3
 wsgi-request-logger==0.4.5
 zappa==0.20.2
 wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability