From 70fc0a616fb7e292e9cd2fcb7e76e09f44de99ad Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 13 Jun 2024 20:43:47 +0000
Subject: [PATCH] fix: app-engine/demo-version-index/requirements.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
---
 app-engine/demo-version-index/requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/app-engine/demo-version-index/requirements.txt b/app-engine/demo-version-index/requirements.txt
index ae64326a2f..d0c5cbe03c 100644
--- a/app-engine/demo-version-index/requirements.txt
+++ b/app-engine/demo-version-index/requirements.txt
@@ -3,3 +3,4 @@
 # SPDX-License-Identifier: Apache-2.0
 
 Flask==2.2.5
+werkzeug>=3.0.3 # not directly required, pinned by Snyk to avoid a vulnerability