From 507b47c2337369adaead7843ac7fe5e11dcb0e23 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 24 Aug 2024 07:02:01 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-2348630 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-PROMPTTOOLKIT-6141120 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482 --- requirements.txt | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 31db227..802e6a0 100644 --- a/requirements.txt +++ b/requirements.txt @@ -17,4 +17,12 @@ mkdocs==0.15.3 dj_database_url==0.5.0 psycopg2==2.7.4 gunicorn==19.8.0 -whitenoise==3.3.1 \ No newline at end of file +whitenoise==3.3.1 +certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability +idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability +ipython>=7.16.3 # not directly required, pinned by Snyk to avoid a vulnerability +jinja2>=3.1.4 # not directly required, pinned by Snyk to avoid a vulnerability +prompt-toolkit>=3.0.13 # not directly required, pinned by Snyk to avoid a vulnerability +pygments>=2.15.0 # not directly required, pinned by Snyk to avoid a vulnerability +requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability +setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file