From eac278212e0ca45fef302b7892d0f77e9f2a7b27 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 3 May 2024 20:42:52 +0000
Subject: [PATCH] fix: requirements/base.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713
- https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672
- https://snyk.io/vuln/SNYK-PYTHON-HOLIDAYS-6591328
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
---
 requirements/base.txt | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index c5699955dc345..0e8d6c6ba7f5d 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -89,7 +89,7 @@ deprecated==1.2.13
     # via limits
 deprecation==2.1.0
     # via apache-superset
-dnspython==2.1.0
+dnspython==2.6.1
     # via email-validator
 email-validator==1.1.3
     # via flask-appbuilder
@@ -149,15 +149,15 @@ google-auth==2.27.0
     # via shillelagh
 greenlet==3.0.3
     # via shillelagh
-gunicorn==21.2.0
+gunicorn==22.0.0
     # via apache-superset
 hashids==1.3.1
     # via apache-superset
-holidays==0.25
+holidays==0.45
     # via apache-superset
 humanize==4.9.0
     # via apache-superset
-idna==3.2
+idna==3.7
     # via
     #   email-validator
     #   requests
@@ -349,7 +349,7 @@ sqlalchemy-utils==0.38.3
     #   flask-appbuilder
 sqlglot==23.6.3
     # via apache-superset
-sqlparse==0.4.4
+sqlparse==0.5.0
     # via apache-superset
 sshtunnel==0.4.0
     # via apache-superset
@@ -406,3 +406,4 @@ zipp==3.15.0
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability