diff --git a/build/dependency_builder.sh b/build/dependency_builder.sh
index 6e8cfbee..f1d1de47 100755
--- a/build/dependency_builder.sh
+++ b/build/dependency_builder.sh
@@ -24,7 +24,7 @@ pip3 install -r ${WORKSPACE}/lambda/requirements.txt --target .
 # get rid of unneeded things to make code zip smaller
 rm -rf ./*.dist-info
-rm -rf pip
+# rm -rf pip # commented out because https://snyk.io/vuln/SNYK-PYTHON-PIP-609855
 rm -rf docutils
 rm -rf chalice/cli # cli in lambda? No way!
 rm -rf botocore # included with lambda, just takes up space here
diff --git a/lambda/requirements.txt b/lambda/requirements.txt
index e45bf6ba..4fc56d98 100644
--- a/lambda/requirements.txt
+++ b/lambda/requirements.txt
@@ -10,3 +10,5 @@ pyjwt==1.7.1
 pyOpenSSL==19.1.0 # maybe not necessary
 python-jose==3.2.0
 PyYAML==5.3.1
+
+pip>=19.2 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file
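Review bot: In build/dependency_builder.sh, commenting out `rm -rf pip` means the pip package that `pip3 install ... --target .` drops into the bundle directory is now shipped inside the Lambda zip, which adds an installer tool to the deployed artifact rather than reducing exposure. Nothing visible in this hunk shows the function importing pip at runtime, so the deletion looks safe to keep, e.g. `rm -rf pip # build-time tool only; not imported by the Lambda code`. The `rm -rf ./*.dist-info` line just above also strips package metadata, so a scanner inspecting the built zip presumably cannot tell which pip version it contains. If pip really has to stay, the comment should state the runtime need instead of leaving disabled code next to an advisory link.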
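Review bot: In lambda/requirements.txt, `pip>=19.2` is the only open-ended specifier among the visible entries, which all pin with `==`, so each build can pull a different pip release into the package; an exact pin such as `pip==<reviewed version>` keeps the build reproducible. The pin also only governs the copy installed into the `--target` directory, not the `pip3` executable that performs the install in build/dependency_builder.sh. If advisory SNYK-PYTHON-PIP-609855 concerns install-time behaviour, it is the build image's pip that needs upgrading, and that is not changed here. The file now ends without a trailing newline, which is worth restoring.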