From 26c5a804c4937fa4e3a5099029e45fc1670dd93c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 1 Nov 2023 17:39:46 +0000 Subject: [PATCH 1/2] fix: requirements-doc.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512 --- requirements-doc.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements-doc.txt b/requirements-doc.txt index 0ec0116ec..376ee81dd 100644 --- a/requirements-doc.txt +++ b/requirements-doc.txt @@ -4,3 +4,4 @@ sphinx-autobuild sphinx-rtd-theme sphinx_autodoc_typehints sphinxcontrib-plantuml +tornado>=6.3.3 # not directly required, pinned by Snyk to avoid a vulnerability From 052d0effe0b79d21786b6239d80f6d1dd121cfc4 Mon Sep 17 00:00:00 2001 From: Maciej Urbanski Date: Thu, 2 Nov 2023 12:39:37 +0100 Subject: [PATCH 2/2] add changelog note for snyk tornado vulnerability false-positive fix --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b0d821963..e22f3ca7e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Infrastructure * Fix readthedocs build by updating to v2 configuration schema * Fix spellcheck erroring out on LICENSE file +* Fix snyk reporting vulnerability due to tornado package use in docs generation ## [1.24.1] - 2023-09-27
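Review bot: In the requirements-doc.txt hunk, the added line's comment says "pinned by Snyk", but `tornado>=6.3.3` is a lower bound, not a pin, so the docs build will resolve whatever newer tornado release is current at install time. If the intent is only to exclude the versions flagged by SNYK-PYTHON-TORNADO-6041512, reword the comment to say "minimum version" and put the advisory ID in it. The comment should also name which of the listed docs packages pulls tornado in, so this line can be dropped once that parent no longer needs the constraint.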
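Review bot: In the CHANGELOG.md hunk, the new Infrastructure bullet does not say that the constraint applies only to requirements-doc.txt, so a reader cannot tell from the changelog that the released package's runtime dependencies are unchanged. The commit subject calls this a false-positive fix while the bullet reads as a vulnerability fix. Align the two, for example by stating that tornado is a docs-build-only transitive dependency and that its minimum version was raised to 6.3.3 to clear the Snyk report.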