From 55895285503ea0614a9eb8851741637b4d4da8f5 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 14 Oct 2023 22:01:40 +0000
Subject: [PATCH] fix: requirements/base.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858
- https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5840584
- https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5871282
- https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5876644
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5489784
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-REDIS-5291195
- https://snyk.io/vuln/SNYK-PYTHON-REDIS-5291196
---
 requirements/base.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index 1d60d0d8..42779072 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -1,13 +1,13 @@
 # https://github.com/stub42/pytz
 pytz==2022.7
 # https://github.com/python-pillow/Pillow
-Pillow==9.3.0
+Pillow==10.0.1
 # https://github.com/hynek/argon2_cffi
 argon2-cffi==21.3.0
 # https://github.com/evansd/whitenoise
 whitenoise==6.2.0
 # https://github.com/andymccurdy/redis-py
-redis==4.4.0
+redis==4.4.4
 # https://github.com/redis/hiredis-py
 hiredis==2.1.0
 # https://github.com/psycopg/psycopg2
@@ -115,7 +115,7 @@ pycryptodome==3.16.0
 # Yara
 # ------------------------------------------------------------------------------
 # https://github.com/gitpython-developers/GitPython
-GitPython==3.1.29
+GitPython==3.1.35
 # https://github.com/frostming/marko
 marko==1.2.2