From b6d45eba6609adba720b8a63f5c8ff0bbb1cff2c Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 18 May 2024 19:19:06 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-BANDIT-6241859
- https://snyk.io/vuln/SNYK-PYTHON-BLACK-6256273
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
---
 requirements.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 8b5a694..f10baae 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,9 +3,10 @@ twine==3.4.1
 tox==3.23.1
 pytest-cov==2.12.1
 pylint==2.8.3
-black==21.6b0
+black==24.3.0
 Sphinx==4.0.2
 antlr4-python3-runtime==4.9.2
 multipledispatch==0.6.0
-bandit==1.7.0
+bandit==1.7.7
 flake8==3.9.2
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability