From b9ac407a961354b71418417a4dcaff5796f8d06a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 13 Feb 2024 01:46:24 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CBOR2-6242783
---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/requirements.txt b/requirements.txt
index 7f1267475..e1df0d05d 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -36,3 +36,4 @@ ijson==2.5.1
 # Optional and third-party/integration dependencies
 python-keystoneclient==3.22.0
 pg8000==1.10.6
+cbor2>=5.6.0 # not directly required, pinned by Snyk to avoid a vulnerability