fix: [Snyk] Security upgrade pillow from 9.5.0 to 10.0.1 (#3601)

* fix: doc/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 * fix: add pillow to .csv file for scanning --------- Co-authored-by: snyk-bot <snyk-bot@snyk.io>
intel · Jan 11, 2024 · 17f7306 · 17f7306
1 parent 9a942ce
commit 17f7306
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/doc/requirements.csv b/doc/requirements.csv
@@ -3,3 +3,4 @@ sphinx-doc_not_in_db,Sphinx
 ryanfox_not_in_db,sphinx_markdown_tables
 executablebooks_not_in_db,myst_parser
 anthonyharrison_not_in_db,sbom2doc
+pillow,pillow
diff --git a/doc/requirements.txt b/doc/requirements.txt
@@ -1,4 +1,5 @@
 Sphinx==7.2.6
 sphinx_markdown_tables
 myst_parser==2.0.0
-sbom2doc
+sbom2doc
+pillow>=10.0.1 # not directly required, pinned by Snyk to avoid a vulnerability