fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129 - https://snyk.io/vuln/SNYK-PYTHON-GEVENT-5906371 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-PYJWT-2840625 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1085966 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
salzateatfluid · Jun 13, 2024 · bcd9e18 · bcd9e18
1 parent dd59ceb
commit bcd9e18
Showing 1 changed file with 10 additions and 9 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -1,15 +1,15 @@
 aniso8601==7.0.0
 attrs==21.4.0
-certifi==2020.12.5
+certifi==2023.7.22
 chardet==4.0.0
 click==7.1.2
-Flask==1.1.2
+Flask==2.2.5
 Flask-Cors==3.0.10
 Flask-GraphQL==2.0.1
 Flask-GraphQL-Auth==1.3.2
 Flask-Sockets==0.2.1
 Flask-SQLAlchemy==2.4.4
-gevent==21.12.0
+gevent==23.9.0
 gevent-websocket==0.10.1
 graphene==2.1.8
 graphene-sqlalchemy==2.3.0
@@ -18,27 +18,28 @@ graphql-relay==2.0.1
 graphql-server-core==1.2.0
 graphql-ws==0.4.4
 greenlet==1.1.2
-idna==2.10
+idna==3.7
 iniconfig==1.1.1
 itsdangerous==1.1.0
-Jinja2==2.11.2
+Jinja2==3.1.4
 MarkupSafe==1.1.1
 packaging==21.3
 pluggy==1.0.0
 promise==2.3
 py==1.11.0
-PyJWT==1.7.1
+PyJWT==2.4.0
 pyparsing==3.0.9
 Pypubsub==4.0.3
 pytest==7.0.1
 pytest-flask==1.2.0
-requests==2.25.1
+requests==2.32.2
 Rx==1.6.1
 singledispatch==3.4.0.3
 six==1.15.0
 SQLAlchemy==1.3.22
 tomli==1.2.3
-urllib3==1.26.3
-Werkzeug==1.0.1
+urllib3==1.26.18
+Werkzeug==3.0.3
 zope.event==4.5.0
 zope.interface==5.4.0
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability