From f1cd8daca2e08b6382c1e5a083ce2ffc06f0d797 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 4 Dec 2025 15:01:24 +0000
Subject: [PATCH] fix: requirements/production.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157807
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157810
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-14157217
---
 requirements/production.txt | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/requirements/production.txt b/requirements/production.txt
index d1119b5ff..e008371bf 100644
--- a/requirements/production.txt
+++ b/requirements/production.txt
@@ -41,4 +41,6 @@ elastic-apm==6.21.4.post8347027212  # https://pypi.org/project/elastic-apm/
 # SECURITY UPDATES
 # ==============================================================================
 
-setuptools>=68.2.2  # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file
+setuptools>=68.2.2  # not directly required, pinned by Snyk to avoid a vulnerability
+django>=4.2.27 # not directly required, pinned by Snyk to avoid a vulnerability
+sqlparse>=0.5.4 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file