From ba5ea4e7be56218c98d73f6ffc4da205bc2d0424 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 13 Mar 2024 22:39:42 +0000 Subject: [PATCH] fix: requirements_dev.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 --- requirements_dev.txt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/requirements_dev.txt b/requirements_dev.txt index 96f9e4e..1167683 100644 --- a/requirements_dev.txt +++ b/requirements_dev.txt @@ -10,3 +10,7 @@ twine==1.12.1 pytest==3.8.2 pytest-runner==4.2 +certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability +jinja2>=3.1.3 # not directly required, pinned by Snyk to avoid a vulnerability +pygments>=2.15.0 # not directly required, pinned by Snyk to avoid a vulnerability +requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability