fix: requirements.txt to reduce vulnerabilities (twilio#742)

twilio-product-security · snyk-bot · tiwarishubham635 · web-flow · commit 60e09a5d18e4 · 2024-04-05T16:39:40.000+05:30
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Shubham <tiwarishubham635@gmail.com>
diff --git a/requirements.txt b/requirements.txt
@@ -1,5 +1,6 @@
 pygments>=2.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
-requests>=2.0.0
+requests>=2.31.0
 PyJWT>=2.0.0, <3.0.0
 aiohttp>=3.9.0
 aiohttp-retry>=2.8.3
+certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability
