From b0ed5f1bd3edac34e442c26a9dcbedba4d751cad Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 21 Feb 2022 16:28:05 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-2407255
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 6060cbe23..3150779ca 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -20,7 +20,7 @@ dicttoxml==1.7.4
 
 # fails on requiring newer version of setuptools
 #Flask==0.10.1
-GitPython==2.1.15
+GitPython==3.1.27
 
 # this GCP API is surprisingly awful, not using
 #google-api-python-client==1.11.0