From bdefcd72f2cd8a1bf2cef37d017657b933c64603 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 29 Jan 2026 02:12:06 +0000
Subject: [PATCH] fix: requirements/base.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-10074036
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-10302884
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-12485156
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-13836728
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-13837025
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157807
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157810
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7435780
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436273
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436514
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436646
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642790
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642791
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642813
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642814
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7886958
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7886959
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-8456315
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-8456316
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-9296408
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-14157217
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements/base.txt | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index 90628529..1659c8dd 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -99,4 +99,6 @@ iso639-lang==2.6.3  # https://pypi.org/project/iso639-lang/
 
 # PyCountry
 # ------------------------------------------------------------------------------
-pycountry==24.6.1  # https://pypi.org/project/pycountry/
\ No newline at end of file
+pycountry==24.6.1  # https://pypi.org/project/pycountry/
+sqlparse>=0.5.4 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file