fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-559098
- https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435

requirements.txt

@@ -1,8 +1,9 @@
 cookiecutter==1.6.0
 click==7.0
 fire==0.2.1
-pyyaml==5.2
-Pygments==2.5.2
+pyyaml==5.4
+Pygments==2.7.4
 requests==2.22.0
 colorama==0.4.3
 appdirs==1.4.3
+urllib3>=1.26.5 # not directly required, pinned by Snyk to avoid a vulnerability