diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 040ba0d..afde5d7 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -146,7 +146,7 @@ jobs:
 config-path: .gitleaks.toml
 - name: Check for secrets using detect-secrets
 run: |
- git ls-files -z | xargs -0 detect-secrets-hook --baseline .secrets.baseline --exclude-files 'Pipfile\.lock$' --exclude-files '.*\.html$' --exclude-files '.*\.properties$' --exclude-files 'ci.yml' --exclude-files '\.git'
+ git ls-files -z | xargs -0 detect-secrets-hook --baseline .secrets.baseline --exclude-files 'Pipfile\.lock$' --exclude-files '.*\.html$' --exclude-files '.*\.properties$' --exclude-files 'ci.yml' --exclude-files '\.git' --exclude-files '.*_version.py'
 working-directory: .
 build-and-test:
diff --git a/.secrets.baseline b/.secrets.baseline
index 166664e..d81a3a8 100644
--- a/.secrets.baseline
+++ b/.secrets.baseline
@@ -95,20 +95,12 @@
 ".*\\.html$",
 ".*\\.properties$",
 "ci.yml",
- "\\.git"
+ "\\.git",
+ ".*_version.py"
 ]
 }
 ],
 "results": {
- "continuous_delivery_scripts/_version.py": [
- {
- "type": "Hex High Entropy String",
- "filename": "continuous_delivery_scripts/_version.py",
- "hashed_secret": "f3d16e7d1a0b93bedefb9247f07cb355f6be3e03",
- "is_verified": false,
- "line_number": 14
- }
- ],
 "continuous_delivery_scripts/plugins/python.py": [
 {
 "type": "Secret Keyword",
@@ -433,5 +425,5 @@
 }
 ]
 },
- "generated_at": "2022-02-17T16:37:22Z"
+ "generated_at": "2022-02-21T18:17:19Z"
 }
diff --git a/DEVELOPMENT.md b/DEVELOPMENT.md
index 3046995..dedc1aa 100644
--- a/DEVELOPMENT.md
+++ b/DEVELOPMENT.md
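Review bot: The new exclusion `'.*_version.py'` on the detect-secrets line is wider than the one generated file it is meant to skip. The dot before `py` is unescaped and the pattern has no `$`, so, assuming it is applied as an unanchored regex search, any tracked path containing `_version` followed by one character and `py` drops out of secret scanning. The first exclusions on the same line are escaped and anchored (`'Pipfile\.lock$'`); writing this one as `--exclude-files '(^|/)_version\.py$'` keeps the carve-out to files actually named `_version.py`. The same pattern is added to the exclusion list in `.secrets.baseline` and to the scan command in `DEVELOPMENT.md`, so the three places would need the tightened form together. The job that contains this step starts and ends outside the hunk.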
@@ -187,6 +187,6 @@ For the latter, False positive keys are stored in the [baseline](./.secrets.base
 To flag individual false positives add comment `# pragma: allowlist secret` to line with secret
-To add all suspected secrets in the repository (excluding ones with an allow secret comment), run `detect-secrets scan --all-files --exclude-files 'Pipfile\.lock$' --exclude-files '.*\.html$' --exclude-files '.*\.properties$' --exclude-files 'ci.yml' --exclude-files '\.git' > .secrets.baseline`
+To add all suspected secrets in the repository (excluding ones with an allow secret comment), run `detect-secrets scan --all-files --exclude-files 'Pipfile\.lock$' --exclude-files '.*\.html$' --exclude-files '.*\.properties$' --exclude-files 'ci.yml' --exclude-files '\.git' --exclude-files '.*_version.py' > .secrets.baseline`
 If on Windows: then change the encoding of the .secrets.baseline file to UTF-8 then convert all `\` to `/` in the .secrets.baseline file
\ No newline at end of file
diff --git a/news/202202211807.bugfix b/news/202202211807.bugfix
new file mode 100644
index 0000000..e1ef722
--- /dev/null
+++ b/news/202202211807.bugfix
@@ -0,0 +1 @@
+Fixing markupsafe version to solve Jinja's(dependency issue)[https://github.com/pallets/markupsafe/issues/284]
diff --git a/setup.py b/setup.py
index 6871fcb..0c619ef 100644
--- a/setup.py
+++ b/setup.py
@@ -70,6 +70,8 @@
 "jellyfish",
 "jinja2==2.11.3",
 "dataclasses; python_version<'3.7'",
+ # FIXME fixing markupsafe to solve https://github.com/pallets/markupsafe/issues/284 until jinja is upgraded
+ "markupsafe==2.0.1",
 ],
 license="Apache 2.0",
 long_description_content_type="text/markdown",
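Review bot: The exact pin `"markupsafe==2.0.1"` in the `setup.py` dependency list freezes a transitive dependency for everyone who installs this package. No later markupsafe fix can be picked up, and any other package in the same environment that needs a different version becomes a resolver conflict. If the breakage in the linked issue only starts with markupsafe 2.1 (my understanding of that issue, worth confirming), an upper bound states the real constraint: `"markupsafe<2.1",  # drop once jinja2 is upgraded`. The FIXME would be easier to act on if it named the jinja2 version that lifts the restriction or pointed at a tracking issue, since `"jinja2==2.11.3"` directly above stays pinned as well. The enclosing dependency list starts outside the hunk.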