From 51fa6d7fae207f5747e0c90aad2fd12c62479c71 Mon Sep 17 00:00:00 2001 From: Jeremy Frasier Date: Tue, 15 Nov 2022 09:18:59 -0500 Subject: [PATCH] Add a lower bound for the version of setuptools This is done in response to a recently-discovered vulnerability in setuptools: - https://security.snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 - https://cwe.mitre.org/data/definitions/1333.html - https://github.com/pypa/setuptools/issues/3659 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 0a8547b..e7e70ae 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,2 +1,2 @@ -setuptools +setuptools>=65.5.1 wheel
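Review bot: The new `setuptools>=65.5.1` line in requirements.txt has no comment explaining why the bound exists, so the rationale lives only in the commit message and a later cleanup could drop the constraint without noticing it is a security floor. Consider adding a comment line above it, for example `# Lower bound due to ReDoS (CWE-1333), see https://github.com/pypa/setuptools/issues/3659`. Note also that this bound only applies to installs that go through this requirements.txt; if the project declares setuptools as a build requirement elsewhere, the same floor is needed there.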