From ed311766bba1dead507adff3921c2a23fc91c3ef Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 6 Feb 2026 08:14:00 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-15183335
- https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-15090738
---
 requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 671de96..1925734 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,7 +3,7 @@ CacheControl==0.12.5
 cachetools==3.1.1
 certifi==2019.9.11
 chardet==3.0.4
-Django==2.2.6
+Django==4.2.28
 django-uuidfield==0.5.0
 fcm-django==0.3.2
 firebase-admin==3.1.0
@@ -26,7 +26,7 @@ lazy-object-proxy==1.4.3
 mccabe==0.6.1
 msgpack==0.6.2
 oauth2client==3.0.0
-protobuf==3.10.0
+protobuf==5.29.6
 pyasn1==0.4.7
 pyasn1-modules==0.2.7
 pycryptodome==3.9.0