From de94106d084a3960b10b53cc4607a63b50bd3ec7 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 1 Nov 2024 10:13:56 +0000
Subject: [PATCH] fix:
 packages/snyk-fix/test/unit/plugins/python/workspaces/pip-app/requirements.txt
 to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1066259
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1279042
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1290072
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1298665
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2312875
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329158
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329159
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329160
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389002
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389021
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606966
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606969
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2940618
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2968205
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3319450
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40025
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40026
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40027
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40256
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40257
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40258
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40259
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40261
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40262
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40302
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40303
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40304
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40305
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40317
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40318
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40332
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40333
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40339
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40340
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40359
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40382
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40383
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40403
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40434
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40439
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40440
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40460
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-40461
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-42178
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5496950
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-559326
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5750790
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5880505
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5932095
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6041515
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6370660
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-72888
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7435780
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436273
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436514
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436646
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642790
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642791
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642813
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642814
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7886958
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7886959
- https://snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-174126
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-455616
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 .../plugins/python/workspaces/pip-app/requirements.txt     | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/packages/snyk-fix/test/unit/plugins/python/workspaces/pip-app/requirements.txt b/packages/snyk-fix/test/unit/plugins/python/workspaces/pip-app/requirements.txt
index f04136abf3..4341f3594a 100644
--- a/packages/snyk-fix/test/unit/plugins/python/workspaces/pip-app/requirements.txt
+++ b/packages/snyk-fix/test/unit/plugins/python/workspaces/pip-app/requirements.txt
@@ -1,8 +1,11 @@
-Jinja2==2.7.2
-Django==1.6.1
+Jinja2==3.1.4
+Django==4.2.16
 python-etcd==0.4.5
 Django-Select2==6.0.1 # this version installs with lowercase so it catches a previous bug in pip_resolve.py
 irc==16.2 # this has a cyclic dependency (internal jaraco.text <==> jaraco.collections)
 testtools==\
     2.3.0 # this has a cycle (fixtures ==> testtols);
 ./packages/prometheus_client-0.6.0
+dnspython>=2.6.1 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability