From 282b00673174b84281796265a077b742e52c3f4f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 1 Nov 2024 05:08:58 +0000
Subject: [PATCH] fix: daemons/upload-checksum-daemon/requirements.txt to
 reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-8309091
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-8309092
---
 daemons/upload-checksum-daemon/requirements.txt | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)
 mode change 120000 => 100644 daemons/upload-checksum-daemon/requirements.txt

diff --git a/daemons/upload-checksum-daemon/requirements.txt b/daemons/upload-checksum-daemon/requirements.txt
deleted file mode 120000
index fd1efae7..00000000
--- a/daemons/upload-checksum-daemon/requirements.txt
+++ /dev/null
@@ -1 +0,0 @@
-../../requirements.txt
\ No newline at end of file
diff --git a/daemons/upload-checksum-daemon/requirements.txt b/daemons/upload-checksum-daemon/requirements.txt
new file mode 100644
index 00000000..55e1f9ef
--- /dev/null
+++ b/daemons/upload-checksum-daemon/requirements.txt
@@ -0,0 +1,14 @@
+alembic==1.0.0
+boto3==1.9.44
+botocore==1.12.119
+connexion==1.5.2
+cryptography==2.3.1
+dcplib>=2.0.0
+jsonschema==2.6.0
+psycopg2-binary==2.7.5
+PyJWT==1.6.4
+requests==2.20.0
+s3transfer<0.3.0,>=0.2.0
+SQLAlchemy==1.3.2
+tenacity==5.0.2
+werkzeug>=3.0.6 # not directly required, pinned by Snyk to avoid a vulnerability