From a391d66d6fe0f044ce3ea940dad9632eede6f1bc Mon Sep 17 00:00:00 2001 From: Gavin Westwood <31341494+gwestwood@users.noreply.github.com> Date: Thu, 9 Jan 2020 12:07:44 +0000 Subject: [PATCH 1/2] Upgrade dependancies due to vulnerabilities [snyk] Changed versions as per report from Snyk re vulnerabilities. --- requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index bdaa04b..626820e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -Django==1.11.1 +Django==1.11.27 mysqlclient==1.3.10 -requests==2.18.1 -urllib3==1.21.1 \ No newline at end of file +requests==2.20 +urllib3==1.21.1 From 98b5c6187bd700b34f15bce7ad17740b9d7032b9 Mon Sep 17 00:00:00 2001 From: Gavin Westwood <31341494+gwestwood@users.noreply.github.com> Date: Thu, 9 Jan 2020 12:13:22 +0000 Subject: [PATCH 2/2] Allow later versions to be installed, and update urllib3 1) Change to have minimum required versions, so potentially the installer can pick non-vulnerable ones. 2) Update urllib3 minimum version due to vulnerability from a Snyk report. --- requirements.txt | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/requirements.txt b/requirements.txt index 626820e..644e5a3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -Django==1.11.27 -mysqlclient==1.3.10 -requests==2.20 -urllib3==1.21.1 +Django>=1.11.27 +mysqlclient>=1.3.10 +requests>=2.20 +urllib3>=1.23
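Review bot: In patch 1/2, the `+urllib3==1.21.1` line in the requirements.txt hunk changes only the missing trailing newline, so the urllib3 pin itself is not upgraded, although the commit message says versions were changed per the Snyk report. Patch 2/2 then raises urllib3 to 1.23 and cites a vulnerability, which means a tree with only this first patch applied still installs the older urllib3. Consider moving the urllib3 bump into this patch so the fix lands in one commit. A smaller style point: `requests==2.20` could give the full three-part version like the other pins in the file.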
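Review bot: In patch 2/2, replacing `==` with `>=` on all four lines of requirements.txt leaves every dependency without an upper bound, so `Django>=1.11.27` allows the installer to pick any later major release, not just a patched 1.11.x. That makes builds non-reproducible and can pull in releases the application was never tested against. The `mysqlclient>=1.3.10` change is also loosened with no vulnerability given for it in the commit message. Consider bounded ranges, for example `Django>=1.11.27,<2.0`, or keep exact pins and raise them when a report requires it.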