From 09466a5c329e41462f35604fed8dabebe59bf6bb Mon Sep 17 00:00:00 2001
From: maniarathi <mani.arathi@gmail.com>
Date: Thu, 25 Feb 2021 12:24:06 -0800
Subject: [PATCH] fix: server/requirements-dev.txt to reduce vulnerabilities
 (#2055)

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-RSA-1038401

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
Co-authored-by: Madison Dunitz <madison.dunitz@chanzuckerberg.com>
---
 server/requirements-dev.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/server/requirements-dev.txt b/server/requirements-dev.txt
index 9f4fd7249..76370edfd 100644
--- a/server/requirements-dev.txt
+++ b/server/requirements-dev.txt
@@ -8,3 +8,4 @@ pytest>=3.6.3
 python-jose>=3.2.0
 twine>=1.12.1
 -r requirements.txt
+rsa>=4.7 # not directly required, pinned by Snyk to avoid a vulnerability