From e29ba9272cf8824ef7ef05595fae6e8cd4cd2625 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 23 Feb 2022 08:44:08 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505
- https://snyk.io/vuln/SNYK-PYTHON-SPHINX-570772
- https://snyk.io/vuln/SNYK-PYTHON-SPHINX-570773
---
 requirements.txt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/requirements.txt b/requirements.txt
index bbf537d..9c58cd3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,3 +3,5 @@
 xnat>=0.3.9
 progressbar2>=3.16.0
 future>=0.16
+pygments>=2.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
+sphinx>=3.0.4 # not directly required, pinned by Snyk to avoid a vulnerability