From 44dccd72c1790ee7496b2727edb7723c1f650c4c Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 24 Oct 2024 04:46:08 +0000
Subject: [PATCH] fix: api-service/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-7886970
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-WHEEL-3180413
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 api-service/requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/api-service/requirements.txt b/api-service/requirements.txt
index 6c07fcca6d..09450c6ffb 100644
--- a/api-service/requirements.txt
+++ b/api-service/requirements.txt
@@ -65,7 +65,7 @@ cloudify-rest-service @ https://github.com/cloudify-cosmo/cloudify-manager/archi
     # via
     #   -r requirements.in
     #   cloudify-api (setup.py)
-cryptography==43.0.0
+cryptography==43.0.1
     # via cloudify-rest-service
 distro==1.9.0
     # via
@@ -266,3 +266,4 @@ wtforms==3.1.2
     # via flask-wtf
 yarl==1.9.4
     # via aiohttp
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability