From e34dea1119e73a6e12fbd18c8c85af37415dbce2 Mon Sep 17 00:00:00 2001
From: "geo-ghci-int[bot]"
 <146321879+geo-ghci-int[bot]@users.noreply.github.com>
Date: Fri, 12 Jul 2024 20:29:40 +0000
Subject: [PATCH] Audit Snyk check/fix prod-2-8-advance

---
 CONST_create_template/ci/requirements.txt |  1 +
 ci/requirements.txt                       |  1 +
 custom/poetry.lock                        | 10 +++++-----
 custom/pyproject.toml                     |  1 +
 custom/requirements.txt                   |  1 +
 5 files changed, 9 insertions(+), 5 deletions(-)

diff --git a/CONST_create_template/ci/requirements.txt b/CONST_create_template/ci/requirements.txt
index 292f65ad8..bd3ee62b0 100644
--- a/CONST_create_template/ci/requirements.txt
+++ b/CONST_create_template/ci/requirements.txt
@@ -1 +1,2 @@
 c2cciutils[checks,publish]==1.4.17
+certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/ci/requirements.txt b/ci/requirements.txt
index 292f65ad8..bd3ee62b0 100644
--- a/ci/requirements.txt
+++ b/ci/requirements.txt
@@ -1 +1,2 @@
 c2cciutils[checks,publish]==1.4.17
+certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/custom/poetry.lock b/custom/poetry.lock
index ca365f9bf..d2b9f5b5b 100644
--- a/custom/poetry.lock
+++ b/custom/poetry.lock
@@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 1.6.1 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand.
 
 [[package]]
 name = "alembic"
@@ -128,13 +128,13 @@ files = [
 
 [[package]]
 name = "certifi"
-version = "2024.6.2"
+version = "2024.7.4"
 description = "Python package for providing Mozilla's CA Bundle."
 optional = false
 python-versions = ">=3.6"
 files = [
-    {file = "certifi-2024.6.2-py3-none-any.whl", hash = "sha256:ddc6c8ce995e6987e7faf5e3f1b02b302836a0e5d98ece18392cb1a36c72ad56"},
-    {file = "certifi-2024.6.2.tar.gz", hash = "sha256:3cd43f1c6fa7dedc5899d69d3ad0398fd018ad1a17fba83ddaf78aa46c747516"},
+    {file = "certifi-2024.7.4-py3-none-any.whl", hash = "sha256:c198e21b1289c2ab85ee4e67bb4b4ef3ead0892059901a8d5b622f24a1101e90"},
+    {file = "certifi-2024.7.4.tar.gz", hash = "sha256:5a1e7645bc0ec61a09e26c36f6106dd4cf40c6db3a1fb6352b0244e7fb057c7b"},
 ]
 
 [[package]]
@@ -2161,4 +2161,4 @@ test = ["zope.testing"]
 [metadata]
 lock-version = "2.0"
 python-versions = ">=3.9,<3.11"
-content-hash = "dc3eaf9017845698b5fd313393e2dce7374a9a330187f78fcc6e601e31cc2508"
+content-hash = "3d12647e49e8a8f6ea12c5556ca7039bd989007e06f002852c7854aa27408cb5"
diff --git a/custom/pyproject.toml b/custom/pyproject.toml
index 286b9a3d7..125643a22 100644
--- a/custom/pyproject.toml
+++ b/custom/pyproject.toml
@@ -29,6 +29,7 @@ PyYAML = "6.0.1"
 sentry-sdk = "2.7.1"
 requests-oauthlib = "2.0.0"
 ujson = "5.10.0"
+certifi = "2024.7.4"
 
 [tool.poetry.group.dev.dependencies]
 prospector = { version = "1.10.3", extras = ["with_bandit", "with_mypy"] }
diff --git a/custom/requirements.txt b/custom/requirements.txt
index 65e7a6ca2..6c927371e 100644
--- a/custom/requirements.txt
+++ b/custom/requirements.txt
@@ -1 +1,2 @@
 poetry==1.8.3
+certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability