From 8c62e56eda3ffd71db8c1d1194c899796d34763d Mon Sep 17 00:00:00 2001
From: Andrea Bedini <andrea.bedini@tweag.io>
Date: Wed, 9 Aug 2023 12:57:55 +0800
Subject: [PATCH] Address CVE-2023-37920

bump certifi to 2023.07

https://nvd.nist.gov/vuln/detail/CVE-2023-37920
https://github.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7
---
 doc/requirements.in  | 4 ++--
 doc/requirements.txt | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/doc/requirements.in b/doc/requirements.in
index df0b2f34d80..b022abd00a4 100644
--- a/doc/requirements.in
+++ b/doc/requirements.in
@@ -4,5 +4,5 @@ sphinx-jsonschema
 sphinxnotes-strike
 # Pygments>=2.7.4 suggested by CVE-2021-20270 CVE-2021-27291
 Pygments >= 2.7.4
-# Suggested by dependabot in https://github.com/haskell/cabal/pull/8807
-certifi >= 2022.12.7
+# CVE-2023-37920
+certifi >= 2023.07.22
diff --git a/doc/requirements.txt b/doc/requirements.txt
index 5e0da823db0..af23e5d28ec 100644
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with Python 3.10
+# This file is autogenerated by pip-compile with Python 3.11
 # by the following command:
 #
 #    pip-compile requirements.in
@@ -8,7 +8,7 @@ alabaster==0.7.13
     # via sphinx
 babel==2.12.1
     # via sphinx
-certifi==2023.5.7
+certifi==2023.7.22
     # via
     #   -r requirements.in
     #   requests