From fb1b03a200d683b746caa21acbb00d04893db990 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 8 Aug 2023 19:38:13 +0000
Subject: [PATCH] fix:
 sdks/python/apache_beam/testing/benchmarks/chicago_taxi/requirements.txt to
 reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JOBLIB-3027033
---
 .../apache_beam/testing/benchmarks/chicago_taxi/requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sdks/python/apache_beam/testing/benchmarks/chicago_taxi/requirements.txt b/sdks/python/apache_beam/testing/benchmarks/chicago_taxi/requirements.txt
index 20bef12d0295..67ab8d74a8b7 100644
--- a/sdks/python/apache_beam/testing/benchmarks/chicago_taxi/requirements.txt
+++ b/sdks/python/apache_beam/testing/benchmarks/chicago_taxi/requirements.txt
@@ -22,3 +22,4 @@ tensorflow-metadata>=0.13.0,<0.14
 tensorflow-model-analysis>=0.13.2,<0.14
 tensorflow-serving-api>=1.13.0,<1.14
 tensorflow-transform>=0.13.0,<0.14
+joblib>=1.1.1 # not directly required, pinned by Snyk to avoid a vulnerability