From 387288d385a51263f60218d1cd52a4166814c38b Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 13 Jul 2025 09:11:34 +0000
Subject: [PATCH] fix: online-boutique-demo/src/emailservice/requirements.txt
 to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-10364902
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390193
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194
---
 online-boutique-demo/src/emailservice/requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/online-boutique-demo/src/emailservice/requirements.txt b/online-boutique-demo/src/emailservice/requirements.txt
index 0bf8440..b717961 100644
--- a/online-boutique-demo/src/emailservice/requirements.txt
+++ b/online-boutique-demo/src/emailservice/requirements.txt
@@ -71,7 +71,7 @@ opencensus==0.7.11
     #   -r requirements.in
     #   opencensus-ext-grpc
     #   opencensus-ext-stackdriver
-protobuf==3.13.0
+protobuf==4.25.8
     # via
     #   google-api-core
     #   google-cloud-profiler
@@ -107,7 +107,7 @@ six==1.15.0
     #   protobuf
 uritemplate==3.0.1
     # via google-api-python-client
-urllib3==1.25.10
+urllib3==2.5.0
     # via requests
 
 # The following packages are considered to be unsafe in a requirements file: