From fbfbf4a6f439f4daac2485431ae7fd00ad75bdfa Mon Sep 17 00:00:00 2001
From: 1ngabo <162403908+Ingabreezy@users.noreply.github.com>
Date: Tue, 27 Jan 2026 20:00:47 +1100
Subject: [PATCH 1/2] Upgrade Jinja2 from 2.11.3 to 3.1.5

Updated Core DW Infrastructure/dremio-api requirements to a fixed Jinja2 version flagged by Trivy code scanning (sandbox breakout via format method)
---
 Core DW Infrastructure/dremio-api/requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Core DW Infrastructure/dremio-api/requirements.txt b/Core DW Infrastructure/dremio-api/requirements.txt
index ca8d543..d074a56 100644
--- a/Core DW Infrastructure/dremio-api/requirements.txt	
+++ b/Core DW Infrastructure/dremio-api/requirements.txt	
@@ -1,6 +1,6 @@
 Flask==1.1.4
-Jinja2==2.11.3
+Jinja2==3.1.5
 MarkupSafe==1.1.1
 requests
 pandas
-python-dotenv
\ No newline at end of file
+python-dotenv

From d08b92069dcad47f637671b5a8edc62d8fe3a2e6 Mon Sep 17 00:00:00 2001
From: 1ngabo <162403908+Ingabreezy@users.noreply.github.com>
Date: Fri, 30 Jan 2026 01:29:49 +1100
Subject: [PATCH 2/2] Update Jinja2 version to 3.1.6

---
 Core DW Infrastructure/dremio-api/requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Core DW Infrastructure/dremio-api/requirements.txt b/Core DW Infrastructure/dremio-api/requirements.txt
index d074a56..350be9c 100644
--- a/Core DW Infrastructure/dremio-api/requirements.txt	
+++ b/Core DW Infrastructure/dremio-api/requirements.txt	
@@ -1,5 +1,5 @@
 Flask==1.1.4
-Jinja2==3.1.5
+Jinja2==3.1.6
 MarkupSafe==1.1.1
 requests
 pandas