From ba970118274c7eb9897330dc136043f355e8592d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 19 Nov 2022 06:57:31 +0000
Subject: [PATCH] fix: requirements_all_ds.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-AZURESTORAGEBLOB-2949173
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152
- https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-3031740
- https://snyk.io/vuln/SNYK-PYTHON-PYJWT-2840625
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904
---
 requirements_all_ds.txt | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/requirements_all_ds.txt b/requirements_all_ds.txt
index 15cda6fecc..4f6750e563 100644
--- a/requirements_all_ds.txt
+++ b/requirements_all_ds.txt
@@ -1,5 +1,5 @@
 google-api-python-client==1.7.11
-protobuf==3.17.3
+protobuf==3.18.3
 gspread==3.1.0
 impyla==0.16.0
 influxdb==5.2.3
@@ -42,3 +42,7 @@ xlrd==2.0.1
 openpyxl==3.0.7
 firebolt-sdk
 pandas==1.3.4
+azure-storage-blob>=12.13.0 # not directly required, pinned by Snyk to avoid a vulnerability
+cryptography>=3.2 # not directly required, pinned by Snyk to avoid a vulnerability
+pyjwt>=2.4.0 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability