From b08eae5b0de93a95f7bbaf9b026dce60cbbfee3b Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Sat, 10 Dec 2022 09:44:08 +0100
Subject: [PATCH] fix: requirements_dev.txt to reduce vulnerabilities (#10369)
 (#10393)

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-2348630
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904

Co-authored-by: Snyk bot <snyk-bot@snyk.io>
---
 requirements_dev.txt | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/requirements_dev.txt b/requirements_dev.txt
index b039a38cc65..3d86d31c018 100644
--- a/requirements_dev.txt
+++ b/requirements_dev.txt
@@ -1,3 +1,5 @@
 ipdb
 pre-commit
 setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
+ipython>=7.16.3 # not directly required, pinned by Snyk to avoid a vulnerability
+pygments>=2.7.4 # not directly required, pinned by Snyk to avoid a vulnerability