From b864f6c68d17aa9f6552e8d2d5a466f8d372afb7 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 12 Mar 2025 05:00:39 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-OAUTHLIB-3021142
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
---
 requirements.txt | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 07c3787..793309a 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,17 +1,18 @@
 cachetools==4.2.4
-certifi==2022.9.14
+certifi==2024.7.4
 charset-normalizer==2.0.12
 google-auth==2.11.1
-idna==3.4
+idna==3.7
 kubernetes==24.2.0
-oauthlib==3.2.1
+oauthlib==3.2.2
 pyasn1==0.4.8
 pyasn1-modules==0.2.8
 python-dateutil==2.8.2
 PyYAML==6.0
-requests==2.27.1
+requests==2.32.2
 requests-oauthlib==1.3.1
 rsa==4.9
 six==1.16.0
-urllib3==1.26.12
+urllib3==1.26.19
 websocket-client==1.3.1
+setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability