From 593fd0a1780dafbf06c20ee845937ce9cdc1a38b Mon Sep 17 00:00:00 2001
From: Gavin D'souza
Date: Mon, 20 Jun 2022 17:00:30 +0530
Subject: [PATCH 1/2] ci: Add audit for python dependencies via pip-audit

---
 .github/workflows/deps-checker.yml | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 .github/workflows/deps-checker.yml

diff --git a/.github/workflows/deps-checker.yml b/.github/workflows/deps-checker.yml
new file mode 100644
index 0000000000..3f81b5c633
--- /dev/null
+++ b/.github/workflows/deps-checker.yml
@@ -0,0 +1,22 @@
+name: 'Python Dependency Check'
+on:
+ pull_request:
+ workflow_dispatch:
+ push:
+ branches: [ develop ]
+
+permissions:
+ contents: read
+
+jobs:
+ deps-vulnerable-check:
+ name: 'Vulnerable Dependency'
+ runs-on: ubuntu-latest
+
+ steps:
+ - uses: actions/setup-python@v4
+ with:
+ python-version: 3.8
+ - uses: actions/checkout@v3
+ - run: pip install pip-audit
+ - run: pip-audit ${GITHUB_WORKSPACE}

From 71531bd2906d34b53973ae6db6667f0b470fb0c4 Mon Sep 17 00:00:00 2001
From: Gavin D'souza
Date: Tue, 21 Jun 2022 11:33:07 +0530
Subject: [PATCH 2/2] chore(deps): Bump PyJWT from 2.0.1 to 2.4.0

Consists of security & bug fixes, and seemingly no breaking changes
Ref: https://pyjwt.readthedocs.io/en/stable/changelog.html
---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pyproject.toml b/pyproject.toml
index 81be41c480..89be81eaf0 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -14,7 +14,7 @@ dependencies = [
 "GitPython~=3.1.14",
 "Jinja2~=3.1.2",
 "Pillow~=9.1.1",
- "PyJWT~=2.0.1",
+ "PyJWT~=2.4.0",
 "PyMySQL~=1.0.2",
 "PyPDF2~=2.1.0",
 "PyPika~=0.48.9",
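Review bot: The new workflow's own toolchain is the least pinned thing in it — `actions/setup-python@v4` and `actions/checkout@v3` float on mutable major tags and `pip install pip-audit` takes whatever PyPI serves on the day the job runs — so the step meant to catch vulnerable dependencies is itself an unpinned supply-chain input; pin both actions to a full commit SHA (keeping the tag in a trailing comment) and pin the tool, e.g. `- run: pip install 'pip-audit==<pinned version>'`, ideally with hashes. `python-version: 3.8` should be quoted as `python-version: '3.8'`, because an unquoted version is parsed as a float and the same pattern silently turns a future `3.10` into `3.1`. Finally, `pip-audit ${GITHUB_WORKSPACE}` appears to audit the project directory rather than a lockfile, so with the `~=` ranges in pyproject.toml the result presumably reflects whatever resolves at run time rather than a fixed dependency set — that is worth stating in a comment on the step (`# audits the versions that resolve today, not a lockfile`) so a green run is not mistaken for a statement about the shipped pins.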