From 67ead3d7b189dfbc5c61e2a6afa4ce79f8214ea9 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 5 Feb 2026 21:53:52 +0000
Subject: [PATCH 1/3] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-15183335
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 3f89f6f16c..9363169b5f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -13,7 +13,7 @@ botocore>=1.39.15
 celery>=5.5.3
 coverage>=7.9.2
 defusedxml>=0.7.1    # for TastyPie when using xml; not a declared dependency
-Django>4.2,<5
+Django>4.2.28
 django-admin-rangefilter>=0.13.3
 django-analytical>=3.2.0
 django-bootstrap5>=25.1
@@ -91,3 +91,4 @@ xml2rfc>=3.30.0
 xym>=0.6,<1.0
 zxcvbn>=4.5.0
 types-zxcvbn~=4.5.0.20250223  # match zxcvbn version
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability

From 925deb4b43eb7c479d745309c0d7f5f60a095841 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 6 Feb 2026 01:18:10 +0000
Subject: [PATCH 2/3] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-15183335
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899

From 8d6e2e94c3491233760a62f28fdac68a829ec15f Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 9 Feb 2026 23:52:11 +0000
Subject: [PATCH 3/3] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-15183335
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899