From c500a8f0f0aee970f9e2176c51707cea2af4e30a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 20 Feb 2022 05:50:58 +0000
Subject: [PATCH] fix: services/workshop/requirements.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORK-1090569
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435
---
 services/workshop/requirements.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/services/workshop/requirements.txt b/services/workshop/requirements.txt
index 498ddef8..86e23221 100644
--- a/services/workshop/requirements.txt
+++ b/services/workshop/requirements.txt
@@ -5,8 +5,9 @@ PyJWT==1.7.1
 requests==2.24.0
 django-cors-headers==3.4.0
 bcrypt==3.1.7
-djangorestframework==3.11.0
+djangorestframework==3.11.2
 django-health-check==3.12.1
 django-extended-choices==1.3.3
 djongo==1.3.3
-django-db-cascade-2
\ No newline at end of file
+django-db-cascade-2
+urllib3>=1.26.5 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file