From ffb3f1671c519a804853a8912f99ed265ea51818 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 1 Oct 2020 21:18:17 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1014645
---
 requirements.txt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/requirements.txt b/requirements.txt
index e8ca893193..546dd9d072 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -66,3 +66,5 @@ werkzeug==0.16.1
 # Uncomment the requirement for ldap3 if using ldap.
 # It is not included by default because of the GPL license conflict.
 # ldap3==2.2.4
+
+urllib3>=1.25.9 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file