From 42e6f5bee3ecf9c9c1b090a52647001ab7ebfb1f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 22 May 2024 10:33:17 +0000
Subject: [PATCH 1/2] fix: dev-requirements-2.9.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
---
 dev-requirements-2.9.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/dev-requirements-2.9.txt b/dev-requirements-2.9.txt
index 98d88194..d070d2e6 100644
--- a/dev-requirements-2.9.txt
+++ b/dev-requirements-2.9.txt
@@ -14,3 +14,4 @@ python-magic==0.4.18
 progressbar==2.5
 
 pika>=1.1.0,<1.3.0 # resolve harvester conflict
+requests>=2.32.0 # not directly required, pinned by Snyk to avoid a vulnerability

From 14019733afe6225fd784ead2b189ff65b632a282 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 20 Jun 2024 06:32:22 +0000
Subject: [PATCH 2/2] fix: dev-requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
---
 dev-requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/dev-requirements.txt b/dev-requirements.txt
index c669c32f..be15fa40 100644
--- a/dev-requirements.txt
+++ b/dev-requirements.txt
@@ -14,3 +14,4 @@ python-magic==0.4.18
 progressbar==2.5
 
 pika>=1.1.0,<1.3.0 # resolve harvester conflict
+urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability