From 4c14fb9bb9ad8bcd5d940e6f95110072fb6720e4 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 10 Jul 2024 07:22:27 +0000 Subject: [PATCH 1/2] fix: requirements-dev.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- requirements-dev.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements-dev.txt b/requirements-dev.txt index 5302a18..02acffb 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -4,3 +4,4 @@ isort pylint pylint-exit pytest +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability From 0e70b9c95981ccdd1acb54feea507d6450807e38 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Jul 2024 18:04:16 +0000 Subject: [PATCH 2/2] chore(pip-prod)(deps): bump tomlkit from 0.12.5 to 0.13.0 Bumps [tomlkit](https://github.com/sdispater/tomlkit) from 0.12.5 to 0.13.0. - [Release notes](https://github.com/sdispater/tomlkit/releases) - [Changelog](https://github.com/python-poetry/tomlkit/blob/master/CHANGELOG.md) - [Commits](https://github.com/sdispater/tomlkit/compare/0.12.5...0.13.0) --- updated-dependencies: - dependency-name: tomlkit dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 0c2877b..68b2fec 100644 --- a/requirements.txt +++ b/requirements.txt @@ -37,7 +37,7 @@ sentry-sdk==2.7.1 six==1.16.0 toml==0.10.2 tomli==2.0.1 -tomlkit==0.12.5 +tomlkit==0.13.0 urllib3==2.2.2 virtualenv==20.26.3 webex-bot==0.5.1
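Review bot: In the requirements-dev.txt hunk (PATCH 1/2), the added line `zipp>=3.19.1` is a lower bound, not a pin, although its trailing comment says "pinned by Snyk". The floor keeps versions below 3.19.1 out, but the installed zipp version will still vary from one resolve to the next, as it does for the unpinned isort, pylint, pylint-exit and pytest entries above it. If dev installs are meant to be reproducible, use an exact `==` version as requirements.txt does. Otherwise reword the comment to say "minimum version". Because zipp is not a direct requirement, also name the package that pulls it in within the comment, so the line can be dropped once that parent requires a fixed zipp itself.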
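Review bot: In the requirements.txt hunk (PATCH 2/2), the change from `tomlkit==0.12.5` to `tomlkit==0.13.0` is labelled semver-minor, but tomlkit is a 0.x release and is listed as a direct production dependency, so a minor bump can still change behaviour. Read the linked changelog for 0.13.0 and run the test suite against the new version before merging. Note that the commit message links release notes under sdispater/tomlkit and the changelog under python-poetry/tomlkit, so confirm both point at the same project. The pins in this file are by version only. If the deployment installs with `pip install --require-hashes`, the bumped line needs its hash updated in the same commit.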