Skip to content

Commit 920efed

Browse files
snyk-botsnyk-bot
committed
fix: requirements.txt to reduce vulnerabilities
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
1 parent 5482fdc commit 920efed

File tree

1 file changed

+4
-2
lines changed

1 file changed

+4
-2
lines changed

requirements.txt

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
setuptools==57.4.0
1+
setuptools==70.0.0
22
elasticsearch==7.14.0
33
netaddr==0.8.0
44
flask==2.0.1
@@ -9,4 +9,6 @@ oschmod==0.3.12
99
argparse==1.4.0
1010
PyYAML==5.4.1 # library_name=yaml
1111
flask-swagger==0.2.14 # library_name=flask_swagger
12-
flask-swagger-ui==3.36.0 # library_name=flask_swagger_ui
12+
flask-swagger-ui==3.36.0 # library_name=flask_swagger_ui
13+
werkzeug>=3.0.3 # not directly required, pinned by Snyk to avoid a vulnerability
14+
zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability

0 commit comments

Comments
 (0)