Skip to content

Commit

Permalink
fix: requirements.txt to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
  • Loading branch information
@snyk-bot
snyk-bot committed Aug 1, 2024
1 parent 5482fdc commit 920efed
Showing 1 changed file with 4 additions and 2 deletions.
6 changes: 4 additions & 2 deletions requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
setuptools==57.4.0
setuptools==70.0.0
elasticsearch==7.14.0
netaddr==0.8.0
flask==2.0.1
Expand All @@ -9,4 +9,6 @@ oschmod==0.3.12
argparse==1.4.0
PyYAML==5.4.1 # library_name=yaml
flask-swagger==0.2.14 # library_name=flask_swagger
flask-swagger-ui==3.36.0 # library_name=flask_swagger_ui
flask-swagger-ui==3.36.0 # library_name=flask_swagger_ui
werkzeug>=3.0.3 # not directly required, pinned by Snyk to avoid a vulnerability
zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability

0 comments on commit 920efed

Please sign in to comment.