From 60840d6c8e8829f62208a42d9cfd41863898c949 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 31 Oct 2025 11:32:46 +0000
Subject: [PATCH] fix: requirements/production.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672
- https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-9510910
- https://snyk.io/vuln/SNYK-PYTHON-SENTRYSDK-7541801
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements/production.txt | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/requirements/production.txt b/requirements/production.txt
index d1119b5ff..11576be6c 100644
--- a/requirements/production.txt
+++ b/requirements/production.txt
@@ -12,7 +12,7 @@
 # WEB SERVER & WSGI
 # ==============================================================================
 
-gunicorn==21.2.0  # https://github.com/benoitc/gunicorn
+gunicorn==23.0.0  # https://github.com/benoitc/gunicorn
 gevent==24.2.1  # http://www.gevent.org/
 
 # ==============================================================================
@@ -32,7 +32,7 @@ django-anymail  # https://github.com/anymail/django-anymail
 # ==============================================================================
 
 # Sentry
-sentry-sdk[django]==2.5.1  # https://github.com/getsentry/sentry-python
+sentry-sdk==2.8.0  # https://github.com/getsentry/sentry-python
 
 # Elastic APM
 elastic-apm==6.21.4.post8347027212  # https://pypi.org/project/elastic-apm/
@@ -41,4 +41,7 @@ elastic-apm==6.21.4.post8347027212  # https://pypi.org/project/elastic-apm/
 # SECURITY UPDATES
 # ==============================================================================
 
-setuptools>=68.2.2  # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file
+setuptools>=68.2.2  # not directly required, pinned by Snyk to avoid a vulnerability
+sqlparse>=0.5.0 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=2.5.0 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file