From 9c59044b47b4c9c06afbd47a84e4823003ff0972 Mon Sep 17 00:00:00 2001
From: Bob Yantosca <yantosca@seas.harvard.edu>
Date: Thu, 16 Jan 2025 14:23:34 -0500
Subject: [PATCH] Bump jinja2 to 3.1.5 as suggested by Dependabot

docs/requirements.txt
- Bumped jinja2 to version 3.1.5, as suggested by GitHub Dependabot.
  This is a security fix.

CHANGELOG.md
- Updated accordingly

Signed-off-by: Bob Yantosca <yantosca@seas.harvard.edu>
---
 CHANGELOG.md          | 4 ++++
 docs/requirements.txt | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index d603763aa..a764e591c 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,10 @@ This file documents all notable changes to the GCHP wrapper repository starting
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [Unreleased] - TBD
+### Changed
+- Bumped `jinja2` to version 3.1.5 in `docs/requirements.txt` to fix a security issue
+
 ## [14.5.1] - 2025-01-10
 ### Added
 - Added code to `src/CMakeLists.txt` to build & install the KPP standalone executable when `fullchem` or `custom` mechanisms are selected
diff --git a/docs/requirements.txt b/docs/requirements.txt
index 8c874e35e..edf97a3bc 100644
--- a/docs/requirements.txt
+++ b/docs/requirements.txt
@@ -12,4 +12,4 @@ sphinxcontrib-bibtex==2.6.2
 sphinx-autobuild==2021.3.14
 recommonmark==0.7.1
 docutils==0.20.1
-jinja2==3.1.4
+jinja2==3.1.5