From 49f514cde20ca27a6511678bc433d62280a9b7dc Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 30 May 2025 11:54:44 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-8309091
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-8309092
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements.txt | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index a270e81f..d4ed22c4 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,7 +1,7 @@
 setuptools==57.4.0
 elasticsearch==7.14.0
 netaddr==0.8.0
-flask==2.0.1
+flask==2.2.5
 terminable-thread==0.7.1 # library_name=terminable_thread
 watchdog==2.1.3
 pyshark==0.4.3
@@ -9,4 +9,6 @@ oschmod==0.3.12
 argparse==1.4.0
 PyYAML==5.4.1 # library_name=yaml
 flask-swagger==0.2.14 # library_name=flask_swagger
-flask-swagger-ui==3.36.0 # library_name=flask_swagger_ui
\ No newline at end of file
+flask-swagger-ui==3.36.0 # library_name=flask_swagger_ui
+werkzeug>=3.0.6 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file