From 2f166d0de1eda11e949f5dcdddb969552c0bc37a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 12 Nov 2023 08:01:23 +0000
Subject: [PATCH] fix: packages/nano/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-PYJWT-2840625
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-WHEEL-3180413
---
 packages/nano/requirements.txt | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/packages/nano/requirements.txt b/packages/nano/requirements.txt
index d880f10..733afd4 100644
--- a/packages/nano/requirements.txt
+++ b/packages/nano/requirements.txt
@@ -5,3 +5,6 @@ gitpython>=3.1.30 # not directly required, pinned by Snyk to avoid a vulnerabili
 setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
 tftpy>=0.8.1 # not directly required, pinned by Snyk to avoid a vulnerability
 wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability
+certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability
+pyjwt>=2.4.0 # not directly required, pinned by Snyk to avoid a vulnerability
+requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability