[Issue #3356] Upgrade Jinja2 to 3.1.5 (#3368)

## Summary Fixes #3356 ### Time to review: 5 mins ## Changes proposed Upgrade Jinja2 to 3.1.5 in API and Analytics projects ## Context for reviewers The currently installed Jinja version was flagged for a medium vulnerability in CI ## Additional information More info on the run here: https://github.com/HHS/simpler-grants-gov/actions/runs/12481427243/job/34833926210#step:6:17
HHS · Dec 27, 2024 · 7d5d4f8 · 7d5d4f8
1 parent 9f9d41f
commit 7d5d4f8
Show file tree

Hide file tree

Showing 4 changed files with 10 additions and 8 deletions.
diff --git a/analytics/poetry.lock b/analytics/poetry.lock
diff --git a/analytics/pyproject.toml b/analytics/pyproject.toml
@@ -12,6 +12,7 @@ db-migrate = "analytics.cli:migrate_database"
 
 [tool.poetry.dependencies]
 dynaconf = "^3.2.4"
+jinja2 = ">=3.1.5"
 kaleido = "0.2.1"
 notebook = "^7.0.0"                               # Goal is to replace this with another method of presenting charts
 pandas = "^2.0.3"

diff --git a/api/poetry.lock b/api/poetry.lock
diff --git a/api/pyproject.toml b/api/pyproject.toml
@@ -28,6 +28,7 @@ flask-cors = "^5.0.0"
 opensearch-py = "^2.5.0"
 pyjwt = "^2.9.0"
 newrelic = "10.3.1"
+jinja2 = ">=3.1.5"
 
 [tool.poetry.group.dev.dependencies]
 black = "^24.0.0"