From 09735031fbbba0adc5f89f2e87ea5a17eaeea4f8 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 20 Oct 2022 04:54:11 +0000
Subject: [PATCH] fix: requirements_all_ds.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-3031740
- https://snyk.io/vuln/SNYK-PYTHON-PYARROW-483026
---
 requirements_all_ds.txt | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/requirements_all_ds.txt b/requirements_all_ds.txt
index 274de7516b..da84be4aa6 100644
--- a/requirements_all_ds.txt
+++ b/requirements_all_ds.txt
@@ -1,5 +1,5 @@
 google-api-python-client==1.7.11
-protobuf==3.17.3
+protobuf==3.18.3
 gspread==3.1.0
 impyla==0.16.0
 influxdb==5.2.3
@@ -35,4 +35,5 @@ pydgraph==2.0.2
 azure-kusto-data==0.0.35
 pyexasol==0.12.0
 python-rapidjson==0.8.0
-pyodbc==4.0.28
\ No newline at end of file
+pyodbc==4.0.28
+pyarrow>=0.15.1 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file