From a83eb7552421d15546ec866079f83e1e43153194 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 7 Sep 2025 09:48:10 +0000
Subject: [PATCH] fix: requirements/base.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-12485156
- https://snyk.io/vuln/SNYK-PYTHON-XMLTODICT-12427118
---
 requirements/base.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements/base.txt b/requirements/base.txt
index 00582587..fdf38455 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -7,7 +7,7 @@ pytz==2023.3.post1  # https://github.com/stub42/pytz
 Pillow==10.2.0  # https://github.com/python-pillow/Pillow
 argon2-cffi==23.1.0  # https://github.com/hynek/argon2_cffi
 whitenoise==6.6.0  # https://github.com/evansd/whitenoise
-xmltodict==0.13.0  # https://github.com/martinblech/xmltodict.git
+xmltodict==0.15.0  # https://github.com/martinblech/xmltodict.git
 lxml==4.9.4  # https://github.com/lxml/lxml
 freezegun==1.5.1  # https://pypi.org/project/freezegun/