From f74a5e46375d03340200413dce3801ece4d23138 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 17 Sep 2024 08:03:38 +0000 Subject: [PATCH] fix: python/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933 --- python/requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/python/requirements.txt b/python/requirements.txt index 84a28491..7f5c376a 100644 --- a/python/requirements.txt +++ b/python/requirements.txt @@ -4,7 +4,7 @@ certifi==2024.7.4 chardet==4.0.0 charset-normalizer==2.0.7 click==8.0.3 -Flask==2.1.1 +Flask==2.2.5 gevent==22.10.2 gevent-ws==2.1.0 greenlet==3.0.2 @@ -22,7 +22,7 @@ requests==2.32.2 sentry-sdk==2.8.0 six==1.16.0 urllib3==1.26.19 -Werkzeug==2.2.2 +Werkzeug==3.0.3 zipp==3.19.1 zope.event==4.5.0 zope.interface==5.4.0