From 9bd1308d0afb2d58ad14df4fadb2caad39c11aa4 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 16 Nov 2022 19:03:54 +0000 Subject: [PATCH] fix: giza/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-BABEL-1278589 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-40445 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-174126 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-455616 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 - https://snyk.io/vuln/SNYK-PYTHON-SPHINX-570772 - https://snyk.io/vuln/SNYK-PYTHON-SPHINX-570773 --- giza/requirements.txt | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/giza/requirements.txt b/giza/requirements.txt index 51052ec40..e74d0f54f 100644 --- a/giza/requirements.txt +++ b/giza/requirements.txt @@ -1,9 +1,9 @@ argh==0.26.1 -Babel==2.2.0 +Babel==2.9.1 boto==2.39.0 cffi==1.5.2 click==6.2 -cryptography==1.2.2 +cryptography==3.2 docutils==0.12 enum34==1.1.2 future==0.15.2 @@ -12,7 +12,7 @@ giza==0.5.7a0 hieroglyph==0.7.1 idna==2.0 ipaddress==1.0.16 -Jinja2==2.8 +Jinja2==2.11.3 jira==1.0.3 libgiza==0.2.7 MarkupSafe==0.23 @@ -22,7 +22,7 @@ onetimepass==1.0.1 polib==1.0.7 pyasn1==0.1.9 pycparser==2.14 -Pygments==2.1.1 +Pygments==2.7.4 pyOpenSSL==0.15.1 pytz==2015.7 PyYAML==3.11 @@ -31,10 +31,11 @@ requests-oauthlib==0.6.0 requests-toolbelt==0.6.0 rstcloth==0.2.5 six==1.10.0 -Sphinx==1.2.3 +Sphinx==3.0.4 sphinx-intl==0.9.9 sphinxcontrib-httpdomain==1.4.0 tlslite==0.4.9 uritemplate.py==0.3.0 Wand==0.4.2 wheel==0.29.0 +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability