From ddb852fb34c704000139d9093de5503db2c28718 Mon Sep 17 00:00:00 2001
From: suryadev99 <81183603+suryadev99@users.noreply.github.com>
Date: Wed, 19 Jul 2023 18:50:30 +0530
Subject: [PATCH] Update requirements.txt (#3546)

updating packages to resolve vulnerabilities

![image](https://github.com/LAION-AI/Open-Assistant/assets/81183603/41d35d73-a850-4ac0-980c-c2723c8f872b)


pyca/cryptography's wheels include a statically linked copy of OpenSSL.
The versions of OpenSSL included in cryptography 0.5-40.0.2 are
vulnerable to a security issue. More details about the vulnerability
itself can be found in https://www.openssl.org/news/secadv/20230530.txt.


Refer to Github security advisory
[GHSA-5cpq-8wj7-hf2v](https://github.com/advisories/GHSA-5cpq-8wj7-hf2v)
for updates and patch information.
---
 backend/requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/requirements.txt b/backend/requirements.txt
index 8d95299366..b5cf3ca991 100644
--- a/backend/requirements.txt
+++ b/backend/requirements.txt
@@ -2,7 +2,7 @@ aiohttp==3.8.3
 alembic==1.8.1
 asgiref==3.6.0
 Celery==5.2.0
-cryptography==39.0.0
+cryptography==41.0.0
 fastapi==0.88.0
 fastapi-limiter==0.1.5
 fastapi-utils==0.2.1
@@ -15,7 +15,7 @@ pydantic[email]==1.10.4
 python-dotenv==0.21.0
 python-jose[cryptography]==3.3.0
 redis==4.5.5
-requests==2.30.0
+requests==2.31.0
 scipy==1.8.1
 SQLAlchemy==1.4.41
 sqlmodel==0.0.8