From 4c37f53dbfb8c1bceb61a4e99accbb9aa3562d43 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 9 Dec 2025 06:52:02 +0000
Subject: [PATCH] fix: website-backend/requirements.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157807
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157810
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-14157217
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192442
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192443
---
 website-backend/requirements.txt | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/website-backend/requirements.txt b/website-backend/requirements.txt
index 997b2f0..da59945 100644
--- a/website-backend/requirements.txt
+++ b/website-backend/requirements.txt
@@ -1,6 +1,6 @@
 ansi2html
 boto3
-Django==2.2.27
+Django==4.2.27
 django-gravatar2
 django-model-utils
 django-prometheus
@@ -17,3 +17,5 @@ PyJWT==1.7.1
 pytz==2016.6.1
 requests
 virtualenv==15.1.0
+sqlparse>=0.5.4 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=2.6.0 # not directly required, pinned by Snyk to avoid a vulnerability