From 775419c4f77687f267b83097aeb10d18d0401c17 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 2 Feb 2024 02:41:01 +0000 Subject: [PATCH] fix: requirements/requirements_extra.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986 --- requirements/requirements_extra.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/requirements/requirements_extra.txt b/requirements/requirements_extra.txt index 47559c5b..d3e57456 100644 --- a/requirements/requirements_extra.txt +++ b/requirements/requirements_extra.txt @@ -14,4 +14,5 @@ polyscope>=0.1.6 pycocotools #cupy # pip install cupy-cudaXXX -f https://pip.cupy.dev/pre -#cython \ No newline at end of file +#cython +pillow>=10.2.0 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file