Merge pull request #19 from 18F/dependabot/pip/lxml-4.9.1

Bump lxml from 4.8.0 to 4.9.1

requirements.in

@@ -21,7 +21,7 @@ PyJWT==2.4.0
 SQLAlchemy==1.4.36
 cachetools==5.1.0
 beautifulsoup4==4.11.1
-lxml==4.8.0
+lxml==4.9.1
 Werkzeug==2.0.3  # pyup: <2.1.0 # later versions are not compatible with the version of flask-sqlalchemy we have pinned
 python-dotenv==0.20.0
 

requirements.txt

@@ -77,8 +77,6 @@ docopt==0.6.2
     # via notifications-python-client
 docutils==0.16
     # via awscli
-python-dotenv==0.20.0
-    # via -r requirements.in
 eventlet==0.33.1
     # via gunicorn
 flask==2.1.2
@@ -111,15 +109,15 @@ geojson==2.5.0
 govuk-bank-holidays==0.11
     # via notifications-utils
 greenlet==1.1.2
-    # via eventlet
+    # via
+    #   eventlet
+    #   sqlalchemy
 gunicorn @ git+https://github.com/benoitc/gunicorn.git@1299ea9e967a61ae2edebe191082fd169b864c64
     # via -r requirements.in
 idna==3.3
     # via
     #   jsonschema
     #   requests
-importlib-metadata==4.11.4
-    # via flask
 iso8601==1.0.2
     # via -r requirements.in
 isoduration==20.11.0
@@ -143,7 +141,7 @@ jsonschema[format]==4.5.1
     # via -r requirements.in
 kombu==5.2.4
     # via celery
-lxml==4.8.0
+lxml==4.9.1
     # via -r requirements.in
 mako==1.2.0
     # via alembic
@@ -202,6 +200,8 @@ python-dateutil==2.8.2
     #   arrow
     #   awscli-cwlogs
     #   botocore
+python-dotenv==0.20.0
+    # via -r requirements.in
 python-json-logger==2.0.2
     # via notifications-utils
 pytz==2022.1
@@ -252,8 +252,6 @@ sqlalchemy==1.4.36
     #   marshmallow-sqlalchemy
 statsd==3.3.0
     # via notifications-utils
-typing-extensions==4.2.0
-    # via pypdf2
 uri-template==1.2.0
     # via jsonschema
 urllib3==1.26.9
@@ -277,8 +275,6 @@ werkzeug==2.0.3
     #   flask
 wrapt==1.14.1
     # via deprecated
-zipp==3.8.0
-    # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools