From 94eea26c966c5064bb8848e88a16aa88b621514f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 5 Oct 2022 15:46:09 +0000
Subject: [PATCH] fix: test-requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-1017108
- https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-2855277
- https://snyk.io/vuln/SNYK-PYTHON-BOTTLE-40448
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-174126
- https://snyk.io/vuln/SNYK-PYTHON-NETWORKX-1062709
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-42159
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-559098
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151
---
 test-requirements.txt | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/test-requirements.txt b/test-requirements.txt
index a43df81f..3a55b392 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -8,3 +8,7 @@ pylint
 pytest
 # for integration and platform tests
 cloudify>=3.4.1
+pyyaml>=5.4 # not directly required, pinned by Snyk to avoid a vulnerability
+networkx>=2.6 # not directly required, pinned by Snyk to avoid a vulnerability
+jinja2>=2.11.3 # not directly required, pinned by Snyk to avoid a vulnerability
+bottle>=0.12.20 # not directly required, pinned by Snyk to avoid a vulnerability