From 40bcec653883fdd0c47f252be98baf871df6d900 Mon Sep 17 00:00:00 2001 
From: snyk-bot Date: Fri, 2 Feb 2024 06:56:44 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1066259 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1076802 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1090612 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1279042 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1290072 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1298665 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1298666 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2312875 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329158 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329159 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329160 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389002 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389021 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606966 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606969 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2940618 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2968205 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3319450 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-536439 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-538244 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-543998 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5496950 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-559326 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-571013 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-571014 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5750790 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5880505 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-609368 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-609369 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970 - https://snyk.io/vuln/SNYK-PYTHON-PYJWT-2840625 - https://snyk.io/vuln/SNYK-PYTHON-RSA-1038401 - https://snyk.io/vuln/SNYK-PYTHON-RSA-570831 - 
https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5756497 - https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5759266 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
---
 requirements.txt | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/requirements.txt b/requirements.txt
index 5af9ac3..9548f89 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -8,7 +8,7 @@ cffi==1.14.0
 chardet==3.0.4
 clamd==1.0.2
 Click==7.0
-Django==2.2.7
+Django==3.2.21
 django-allow-cidr==0.3.1
 django-contrib-postgres==0.0.1
 django-cors-headers==3.10.1
@@ -26,14 +26,14 @@ importlib-resources==5.4.0
 jmespath==0.9.5
 mongoengine==0.19.1
 netaddr==0.8.0
-numpy==1.17.4
+numpy==1.22.2
 pdfminer.six==20200124
 psycopg2==2.8.4
 pyasn1==0.4.8
 pycodestyle==2.5.0
 pycparser==2.20
 pycryptodome==3.9.4
-PyJWT==1.7.1
+PyJWT==2.4.0
 pymongo==3.9.0
 PyNaCl==1.3.0
 python-dateutil==2.8.1
@@ -44,7 +44,7 @@ r7insight-python==1.0.0
 redis==4.3.4
 regex==2022.10.31
 requests==2.25.1
-rsa==4.0
+rsa==4.7
 s3transfer==0.5.1
 six==1.15.0
 sortedcontainers==2.1.0
@@ -53,7 +53,7 @@ toml==0.10.0
 typed-ast==1.4.0
 untangle==1.1.1
 urllib3==1.26.5
-Werkzeug==2.0.3
+Werkzeug==2.3.8
 xlrd==1.2.0
 XlsxWriter==1.2.8
 zipp==3.6.0
@@ -64,6 +64,6 @@ tldextract==3.1.2
 drf-yasg2==1.19.4
 scikit-learn==0.24.2
 pickle5==0.0.12
-scipy==1.5.4
+scipy==1.10.0rc1
 chargebee==2.27.0
 blinker==1.5
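Review bot: The `Django==3.2.21` pin in the first hunk and the `PyJWT==2.4.0` pin in the second hunk are breaking upgrades (from 2.2.7 and 1.7.1), yet the patch changes only requirements.txt, so no calling code is adjusted for the new APIs. In PyJWT 2.x `jwt.decode()` requires an explicit `algorithms` argument and `jwt.encode()` returns `str` instead of `bytes`. Token-verification call sites written for 1.x should be audited and changed to the form `jwt.decode(token, key, algorithms=["HS256"])`, where the algorithm shown is a constructed example and must match what the service actually issues. The `numpy==1.22.2` pin in the second hunk, like the scipy pin in the last hunk, needs Python 3.8 or newer, which should be confirmed against the deployment interpreter before merging.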
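Review bot: The last hunk pins a pre-release, `scipy==1.10.0rc1`, which presumably was the lowest version the scanner considered fixed rather than a build intended for production. The final release carries the same fixes, so the line should read `scipy==1.10.0` (or a later 1.10.x patch release). Compatibility with the unchanged `scikit-learn==0.24.2` pin should be checked by running the test suite, since that package was released against much older numpy and scipy versions.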