From 07b5f45d3dd151da9605447c37208e5215e02bac Mon Sep 17 00:00:00 2001
From: Louis Dionne <ldionne.2@gmail.com>
Date: Mon, 6 Oct 2025 09:34:39 -0400
Subject: [PATCH] [deps] Bump requirement of Jinja2 to 3.1.6

Also, move the pinning down to requirements.server.txt.
This should resolve a few Dependabot alerts.

Supersedes #44
---
 requirements.server.txt | 1 +
 setup.py                | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/requirements.server.txt b/requirements.server.txt
index 24853b1a..e0982f61 100644
--- a/requirements.server.txt
+++ b/requirements.server.txt
@@ -2,4 +2,5 @@
 .
 psycopg2==2.8
 gunicorn==19.9.0
+Jinja2==3.1.6
 progressbar2
diff --git a/setup.py b/setup.py
index 8e193256..2d41794e 100644
--- a/setup.py
+++ b/setup.py
@@ -119,7 +119,7 @@
         "aniso8601==1.2.0",
         "Flask==0.12.2",
         "Flask-RESTful==0.3.4",
-        "Jinja2==2.11.3",
+        "Jinja2",
         "MarkupSafe==1.1.1",
         "SQLAlchemy==1.3.24",
         "Werkzeug==0.15.6",