From f92028ca3971792f77b6d85b20ea82fe1235139a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 6 Feb 2023 01:47:08 +0000
Subject: [PATCH] fix: dev_requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SPHINX-570772
- https://snyk.io/vuln/SNYK-PYTHON-SPHINX-570773
---
 dev_requirements.txt | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/dev_requirements.txt b/dev_requirements.txt
index 09f09f1c..19269185 100644
--- a/dev_requirements.txt
+++ b/dev_requirements.txt
@@ -4,7 +4,7 @@ nose2
 pbr==1.8.1
 numpydoc==0.4; python_version>='3.0'
 sphinx>=2.1.0; python_version>='3.5'
-sphinx==1.8.5; python_version<'3.5'
+sphinx==3.0.4; python_version<'3.5'
 testresources>=0.2.7
 jsonschema==2.6.0
 configparser==3.5.0
@@ -19,3 +19,6 @@ python-vagrant>=0.5.15
 pytest
 git+https://github.com/couchbaselabs/sphinx-autodoc-typehints.git; python_version>='3.0'
 git+https://github.com/couchbaselabs/mypy.git@stub-merge; python_version>'3.10'
+certifi>=2022.12.7 # not directly required, pinned by Snyk to avoid a vulnerability
+pygments>=2.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability