From 7d36bda20b43fb778c572b4217a86476fb914382 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 11 Jan 2024 14:30:40 +0000
Subject: [PATCH] fix: ee/connectors/deploy/requirements_bigquery.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PYARROW-6052811
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
---
 ee/connectors/deploy/requirements_bigquery.txt | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/ee/connectors/deploy/requirements_bigquery.txt b/ee/connectors/deploy/requirements_bigquery.txt
index b0589ce25..f8de57cd2 100644
--- a/ee/connectors/deploy/requirements_bigquery.txt
+++ b/ee/connectors/deploy/requirements_bigquery.txt
@@ -4,4 +4,7 @@ SQLAlchemy==1.4.43
 google-cloud-bigquery==3.4.2
 pandas==1.5.1
 PyYAML==6.0
-pandas-gbq==0.19.2
\ No newline at end of file
+pandas-gbq==0.19.2
+numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability
+pyarrow>=14.0.1 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file