From 180a5c3382b404e3a0fa7ea4d9259b32618c92c4 Mon Sep 17 00:00:00 2001
From: Nathan Booker
Date: Thu, 16 Dec 2021 21:36:53 -0600
Subject: [PATCH 1/3] Bump BC library to 0.22.3

---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index fc23c3a..04b22f4 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -4,7 +4,7 @@ Werkzeug==2.0.1
 itsdangerous==2.0.1
 requests==2.25.1
 python-dotenv==0.17.1
-bigcommerce==0.22.2
+bigcommerce==0.22.3
 gunicorn==20.1.0
 psycopg2==2.8.6
 Flask-SQLAlchemy==2.5.1

From bcbf816e40b8e1bc2ad10bf41d40dda5d6818459 Mon Sep 17 00:00:00 2001
From: bookernath
Date: Thu, 16 Dec 2021 21:55:17 -0600
Subject: [PATCH 2/3] Remove explicit MarkupSafe requirement

---
 requirements.txt | 1 -
 1 file changed, 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 04b22f4..2ede946 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,4 @@
 Flask==2.0.1
-MarkupSafe==1.1.0
 Werkzeug==2.0.1
 itsdangerous==2.0.1
 requests==2.25.1

From f41a8ea02960329cf67af1e9462b47193f2e34e8 Mon Sep 17 00:00:00 2001
From: snyk-bot
Date: Mon, 14 Nov 2022 21:49:34 +0000
Subject: [PATCH 3/3] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904

---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/requirements.txt b/requirements.txt
index 2ede946..b208e67 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -7,3 +7,4 @@ bigcommerce==0.22.3
 gunicorn==20.1.0
 psycopg2==2.8.6
 Flask-SQLAlchemy==2.5.1
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
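Review bot: The added `setuptools>=65.5.1` line in the third patch is a floor, not a pin, while every other entry in requirements.txt uses an exact `==`; the installed setuptools version therefore floats with whatever the index serves at install time, which undercuts the reproducibility the rest of the file provides and makes the deployed version harder to audit against the advisory. Prefer an exact pin matching what is tested in deployment, e.g. `setuptools==65.5.1  # transitive; floor from SNYK-PYTHON-SETUPTOOLS-3113904`, and bump it deliberately. Note also that this line constrains only the setuptools present in the runtime environment; the copy pip selects for isolated builds of source distributions is chosen separately, so this entry alone may not cover that path — worth confirming for this project's install flow.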