From 5c3d6b0d8c02c152df4a4120910f4b17ba21826f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 27 Jan 2024 09:13:23 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975
---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/requirements.txt b/requirements.txt
index 3e7f314..5adc3f4 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9,3 +9,4 @@ hca >= 6.3.0, <7
 psycopg2-binary==2.7.5
 dcplib >= 3.2.1, < 4
 PyGithub
+cryptography>=42.0.0 # not directly required, pinned by Snyk to avoid a vulnerability