Fix vulnerability (#1333)

cx-margarita-levitm · web-flow · commit 927a715883ac · 2025-10-21T13:13:44.000+03:00
Co-authored-by: cx-Margarita-LevitM &lt;cx-margarita-levitm&gt;
diff --git a/go.mod b/go.mod
@@ -10,6 +10,7 @@ require (
 	github.com/Checkmarx/manifest-parser v0.1.1
 	github.com/Checkmarx/secret-detection v1.2.1
 	github.com/MakeNowJust/heredoc v1.0.0
+	github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74
 	github.com/bouk/monkey v1.0.0
 	github.com/checkmarx/2ms/v3 v3.21.0
 	github.com/gofrs/flock v0.12.1
@@ -19,7 +20,6 @@ require (
 	github.com/gookit/color v1.5.4
 	github.com/jcmturner/gokrb5/v8 v8.4.4
 	github.com/jsumners/go-getport v1.0.0
-	github.com/alexbrainman/sspi v0.0.0-20210105120005-909beea2cc74
 	github.com/mssola/user_agent v0.6.0
 	github.com/pkg/errors v0.9.1
 	github.com/spf13/cobra v1.9.1
@@ -37,12 +37,6 @@ require (
 )
 
 require (
-	github.com/hashicorp/go-uuid v1.0.3 // indirect
-	github.com/jcmturner/aescts/v2 v2.0.0 // indirect
-	github.com/jcmturner/dnsutils/v2 v2.0.0 // indirect
-	github.com/jcmturner/gofork v1.7.6 // indirect
-	github.com/jcmturner/goidentity/v6 v6.0.1 // indirect
-	github.com/jcmturner/rpc/v2 v2.0.3 // indirect
 	dario.cat/mergo v1.0.1 // indirect
 	github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
 	github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20240914100643-eb91380d8434 // indirect
@@ -165,11 +159,17 @@ require (
 	github.com/h2non/filetype v1.1.3 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-multierror v1.1.1 // indirect
+	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	github.com/hashicorp/hcl/v2 v2.23.0 // indirect
 	github.com/huandu/xstrings v1.5.0 // indirect
 	github.com/iancoleman/strcase v0.3.0 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 // indirect
+	github.com/jcmturner/aescts/v2 v2.0.0 // indirect
+	github.com/jcmturner/dnsutils/v2 v2.0.0 // indirect
+	github.com/jcmturner/gofork v1.7.6 // indirect
+	github.com/jcmturner/goidentity/v6 v6.0.1 // indirect
+	github.com/jcmturner/rpc/v2 v2.0.3 // indirect
 	github.com/jinzhu/copier v0.4.0 // indirect
 	github.com/jmoiron/sqlx v1.4.0 // indirect
 	github.com/josharian/intern v1.0.0 // indirect
diff --git a/internal/commands/data/manifests/requirements.txt b/internal/commands/data/manifests/requirements.txt
@@ -55,7 +55,7 @@ flask==1.1.2
 
 # Range: greater than or equal and less than
 
-Django>=3.0,<4.0
+Django>=3.0,<6.0
 
 # Less than or equal
 
@@ -79,7 +79,7 @@ package\_with\_extras\[security,docs]==0.1.0
 
 # Environment marker (skip on Python>=3.8)
 
-scipy==1.5.2; python\_version < "3.8"
+scipy==1.5.2; python_version < "3.8"
 
 # Combined ranges with comma
 
diff --git a/test/integration/data/manifests/requirements.txt b/test/integration/data/manifests/requirements.txt
@@ -55,7 +55,7 @@ flask==1.1.2
 
 # Range: greater than or equal and less than
 
-Django>=3.0,<4.0
+Django>=3.0,<6.0
 
 # Less than or equal
 
@@ -79,7 +79,7 @@ package\_with\_extras\[security,docs]==0.1.0
 
 # Environment marker (skip on Python>=3.8)
 
-scipy==1.5.2; python\_version < "3.8"
+scipy==1.5.2; python_version < "3.8"
 
 # Combined ranges with comma
 
@@ -90,6 +90,3 @@ celery>=4.0,<5.0
 gevent==21.8.0  # pinned to a known-good version
 
 # Full-line comment below should be ignored
-
-
-
