Merge pull request #11 from OKEAMAH/snyk-fix-6f79b78a214d0acd9d82c256…

…131a7908

requirements.txt

@@ -36,7 +36,7 @@ html5lib>=1.1    # Only used in tests
 inflect>= 6.0.2
 jsonfield>=3.1.0    # for SubmissionCheck.  This is https://github.com/bradjasper/django-jsonfield/.
 jsonschema[format]>=4.2.1
-jwcrypto>=1.2    # for signed notifications - this is aspirational, and is not really used.
+jwcrypto>=1.5.6    # for signed notifications - this is aspirational, and is not really used.
 logging_tree>=1.9    # Used only by the showloggers management command
 lxml>=4.8.0,<5
 markdown>=3.3.6
@@ -45,7 +45,7 @@ mock>=4.0.3    # Used only by tests, of course
 types-mock>=4.0.3
 mypy~=1.7.0    # Version requirements determined by django-stubs.
 oic>=1.3    # Used only by tests
-Pillow>=9.1.0
+Pillow>=10.3.0
 psycopg2>=2.9.6
 pyang>=2.5.3
 pyflakes>=2.4.0
@@ -59,12 +59,12 @@ pymemcache>=4.0.0  # for django.core.cache.backends.memcached.PyMemcacheCache
 python-mimeparse>=1.6    # from TastyPie
 pytz==2022.2.1   # Pinned as changes need to be vetted for their effect on Meeting fields
 types-pytz==2022.2.1   # match pytz version
-requests>=2.31.0
+requests>=2.32.0
 types-requests>=2.27.1
 requests-mock>=1.9.3
 rfc2html>=2.0.3
 scout-apm>=2.24.2
-selenium>=4.0
+selenium>=4.15.1
 tblib>=1.7.0    # So that the django test runner provides tracebacks
 tlds>=2022042700    # Used to teach bleach about which TLDs currently exist
 tqdm>=4.64.0
@@ -73,3 +73,5 @@ urllib3>=2
 weasyprint>=59
 xml2rfc>=3.12.4
 xym>=0.6,<1.0
+fonttools>=4.43.0 # not directly required, pinned by Snyk to avoid a vulnerability
+sqlparse>=0.5.0 # not directly required, pinned by Snyk to avoid a vulnerability