Pin jwcrypto and requests libraries to ensure safe version is used

Author: kneckinator

requirements.txt

@@ -7,16 +7,17 @@ faker
 fastapi==0.112.2
 geojson
 jsonschema
-jwcrypto
+jwcrypto>=1.5.6
 numpy>=1.22.2
 pyjwt>=2.4.0
 pyproj
 python-magic
 pytz
 qrcode
+requests>=2.32.3
 shapely
 simplejson
 swagger_spec_validator
-urllib3>=2.2.2
+urllib3>=2.4.0
 xlrd
 zipp>=3.19.1

spp_base/__manifest__.py

@@ -34,7 +34,15 @@
         "spp_farmer_registry_base",
     ],
     "external_dependencies": {
-        "python": ["fastapi==0.112.2", "extendable_pydantic==1.3.0", "numpy>=1.22.2", "urllib3>=2.2.2", "zipp>=3.19.1"]
+        "python": [
+            "fastapi==0.112.2",
+            "extendable_pydantic==1.3.0",
+            "numpy>=1.22.2",
+            "urllib3>=2.4.0",
+            "zipp>=3.19.1",
+            "jwcrypto>=1.5.6",
+            "requests>=2.32.3",
+        ]
     },  # not directly required, pinned by Snyk to avoid a vulnerability and for fastapi, compatibility issues.
     "data": [
         "data/global_roles.xml",

spp_encryption/__manifest__.py

@@ -9,7 +9,7 @@
     "development_status": "Beta",
     "maintainers": ["jeremi", "gonzalesedwin1123"],
     "depends": ["g2p_encryption"],
-    "external_dependencies": {"python": ["jwcrypto"]},
+    "external_dependencies": {"python": ["jwcrypto>=1.5.6"]},
     "data": ["views/encryption_provider.xml"],
     "assets": {},
     "demo": [],