From 1e97a65eb07e561bbcefd74b5aeda040882ae81d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 14 Feb 2026 02:02:31 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-15263096
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 51a44f5..39e9b92 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,7 +2,7 @@ social-auth-app-django
 social-auth-core>=3.3.0
 kiwitcms-tenants
 certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability
-cryptography>=41.0.4 # not directly required, pinned by Snyk to avoid a vulnerability
+cryptography>=46.0.5 # not directly required, pinned by Snyk to avoid a vulnerability
 pyjwt>=2.4.0 # not directly required, pinned by Snyk to avoid a vulnerability
 requests>=2.32.0 # not directly required, pinned by Snyk to avoid a vulnerability
 sqlparse>=0.5.0 # not directly required, pinned by Snyk to avoid a vulnerability