From 69b93639f9e3f18c18d9c36cb3e41c4a073f876f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 16 Sep 2024 04:46:00 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1066259 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1279042 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1290072 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-1298665 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2312875 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329158 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329159 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2329160 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389002 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389021 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606966 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606969 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2940618 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2968205 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3319450 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5496950 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5750790 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5880505 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5932095 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6041515 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6370660 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 --- requirements.txt | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 7941582..586c961 100644 --- a/requirements.txt +++ b/requirements.txt @@ -22,4 +22,8 @@ docutils==0.12 factory-boy==2.5.2 fastcache==1.0.2 django_tables2 -djangorestframework-jwt \ No newline at end of file +djangorestframework-jwt +certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability +django>=3.2.25 # not directly required, pinned by Snyk to avoid a vulnerability +idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability +requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file