From 6b441ad556d5ecb88286a1b2770ebcb752522c9e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 9 Nov 2022 00:25:57 +0000
Subject: [PATCH] fix: test-requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108
- https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-2855277
- https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-40448
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-174126
- https://snyk.io/vuln/SNYK-PYTHON-NETWORKX-1062709
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-42159
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-559098
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151
- https://snyk.io/vuln/SNYK-PYTHON-WHEEL-3092128
---
 test-requirements.txt | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/test-requirements.txt b/test-requirements.txt
index a43df81f..ecb965ea 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -8,3 +8,8 @@ pylint
 pytest
 # for integration and platform tests
 cloudify>=3.4.1
+bottle>=0.12.20 # not directly required, pinned by Snyk to avoid a vulnerability
+jinja2>=2.11.3 # not directly required, pinned by Snyk to avoid a vulnerability
+networkx>=2.6 # not directly required, pinned by Snyk to avoid a vulnerability
+pyyaml>=5.4 # not directly required, pinned by Snyk to avoid a vulnerability
+wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability