From 8de29e101f300e8ec8e3486c59f229703860a4b8 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 11 Jan 2024 01:35:58 +0000
Subject: [PATCH] fix: requirements-to-freeze.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091621
- https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091622
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
---
 requirements-to-freeze.txt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/requirements-to-freeze.txt b/requirements-to-freeze.txt
index 67898ca..25e71da 100644
--- a/requirements-to-freeze.txt
+++ b/requirements-to-freeze.txt
@@ -16,3 +16,5 @@ coverage
 # development
 flake8
 black
+aiohttp>=3.9.0 # not directly required, pinned by Snyk to avoid a vulnerability
+werkzeug>=2.3.8 # not directly required, pinned by Snyk to avoid a vulnerability