From 88365c273b4ef066c357432f3b0c83a07ebfa1ea Mon Sep 17 00:00:00 2001
From: Koushik Kiran Kumar
 <121969355+koushik-kiran-kumar@users.noreply.github.com>
Date: Fri, 28 Jun 2024 01:04:44 +0530
Subject: [PATCH] fix(SPT-30359): security fix (#202)

* fix: security fix
---
 .github/workflows/codeql-analysis.yml | 8 ++++----
 requirements.txt                      | 2 +-
 setup.py                              | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 2aafd98..409429e 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -25,7 +25,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
       with:
         # We must fetch at least the immediate parents so that if this is
         # a pull request then we can checkout the head.
@@ -38,14 +38,14 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v1
+      uses: github/codeql-action/init@v2
       with:
         languages: ${{ matrix.language }}
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v1
+      uses: github/codeql-action/autobuild@v2
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -59,4 +59,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v1
+      uses: github/codeql-action/analyze@v2
diff --git a/requirements.txt b/requirements.txt
index 19f2879..7b05607 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,5 @@
 cachetools>=4.2.4
-certifi>=2017
+certifi==2024.6.2
 pendulum==2.1.2; python_version<='3.7'
 pendulum==3.0.0; python_version>='3.8'
 pyjwt>=2.4.0
diff --git a/setup.py b/setup.py
index d9f06fb..26dd503 100644
--- a/setup.py
+++ b/setup.py
@@ -11,7 +11,7 @@ def parse_requirements(requirement_file):
 
 
 setup(
-    version="10.18.0",
+    version="10.18.1",
     name="swimlane",
     author="Swimlane",
     author_email="info@swimlane.com",