From 26f4ca63ca71d0f5dbed09f549da975f2643f9a8 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 6 Mar 2020 20:07:55 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-42185
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-451637
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-174126
- https://snyk.io/vuln/SNYK-PYTHON-LXML-72651
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-72435
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-174323
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-174464
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-72681
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-458931
---
 requirements.txt | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 233eaef0..374df662 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,9 +1,9 @@
 APScheduler==3.3.1
-Flask==0.12.2
+Flask==0.12.3
 Flask-Assets==0.12
-Jinja2==2.9.6
+Jinja2==2.10.1
 MarkupSafe==1.0
-Werkzeug==0.12.2
+Werkzeug==0.15.3
 certifi==2017.4.17
 chardet==3.0.3
 click==6.7
@@ -15,18 +15,18 @@ google-api-python-client==1.6.2
 httplib2==0.10.3
 idna==2.5
 itsdangerous==0.24
-lxml==3.6.0
+lxml==4.2.5
 oauth2client==4.1.1
 pyasn1==0.2.3
 pyasn1-modules==0.0.9
 pyquery==1.2.17
 pytz==2017.2
-requests==2.17.3
+requests==2.20
 rsa==3.4.2
 six==1.10.0
 soco==0.12
 tzlocal==1.4
 uritemplate==3.0.0
-urllib3==1.21.1
+urllib3==1.24.3
 webassets==0.12.1
 xmltodict==0.11.0