From ef3204746c01a00c6bc851258ab0b1044b22b789 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 16 Jan 2024 14:55:18 -0500
Subject: [PATCH] Bump jinja2 from 3.1.2 to 3.1.3 in /src (#265)

* Bump jinja2 from 3.1.2 to 3.1.3 in /src

Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](https://github.com/pallets/jinja/compare/3.1.2...3.1.3)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

* pip-compile dependencies with jinja2>=3.1.3

* fix comment alignment

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Romaniello <aromaniello@ntia.gov>
---
 src/requirements-dev.txt | 2 +-
 src/requirements.in      | 1 +
 src/requirements.txt     | 6 ++++--
 3 files changed, 6 insertions(+), 3 deletions(-)

diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt
index b4a97319..96beb804 100644
--- a/src/requirements-dev.txt
+++ b/src/requirements-dev.txt
@@ -149,7 +149,7 @@ itypes==1.2.0
     # via
     #   -r requirements.txt
     #   coreapi
-jinja2==3.1.2
+jinja2==3.1.3
     # via
     #   -r requirements.txt
     #   coreschema
diff --git a/src/requirements.in b/src/requirements.in
index c34c131a..b99a9f25 100644
--- a/src/requirements.in
+++ b/src/requirements.in
@@ -18,5 +18,6 @@ scos_tekrsa @ git+https://github.com/NTIA/scos-tekrsa@4.0.0
 # The following are sub-dependencies for which SCOS Sensor enforces a
 # higher minimum patch version than the dependencies which require them.
 # This is done to ensure the inclusion of specific security patches.
+jinja2>=3.1.3         # CVE-2024-22195
 pyyaml>=5.4.0         # CVE-2020-14343
 urllib3>=1.26.18      # CVE-2023-45803
diff --git a/src/requirements.txt b/src/requirements.txt
index c73aa7f2..fe7f191b 100644
--- a/src/requirements.txt
+++ b/src/requirements.txt
@@ -69,8 +69,10 @@ its-preselector @ git+https://github.com/NTIA/Preselector@3.1.0
     # via scos-actions
 itypes==1.2.0
     # via coreapi
-jinja2==3.1.2
-    # via coreschema
+jinja2==3.1.3
+    # via
+    #   -r requirements.in
+    #   coreschema
 jsonfield==3.1.0
     # via -r requirements.in
 jsonschema==3.2.0