From 1e925cb2b9a035b0125b7bdaabab98a346554172 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 9 Mar 2024 22:01:45 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-BANDIT-6241859 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3112177 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3112180 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3172287 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3314966 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315324 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315328 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315331 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315452 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315972 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315975 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316038 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316211 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5663682 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5777683 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813745 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813746 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813750 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6092044 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6149518 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6157248 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6210214 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6261585 - https://snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713 - https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5840584 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5871282 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5876644 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-6150683 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5489784 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 --- requirements.txt | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/requirements.txt b/requirements.txt index 260012e..da3bb24 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,30 +1,30 @@ asgiref==3.6.0 -bandit==1.7.4 +bandit==1.7.7 bcrypt==4.0.1 beautifulsoup4==4.11.1 -certifi==2022.12.7 +certifi==2023.7.22 cffi==1.15.1 chardet==5.1.0 charset-normalizer==2.0.12 click==8.1.3 colorama==0.4.6 contourpy==1.0.6 -cryptography==38.0.0 +cryptography==42.0.4 cycler==0.11.0 defusedxml==0.7.1 dirsearch==0.4.3.post1 Django==4.1.9 -dnspython==2.2.1 -fonttools==4.38.0 +dnspython==2.6.1 +fonttools==4.43.0 fpdf==1.7.2 gitdb==4.0.10 -GitPython==3.1.30 +GitPython==3.1.41 google==3.0.0 greenlet==2.0.1 gunicorn==20.1.0 humanize==4.4.0 idna==3.4 -Jinja2==3.1.2 +Jinja2==3.1.3 kiwisolver==1.4.4 MarkupSafe==2.1.1 matplotlib==3.6.2 @@ -36,7 +36,7 @@ numpy==1.24.0 packaging==22.0 paramiko==2.12.0 pbr==5.11.0 -Pillow==9.3.0 +Pillow==10.2.0 proxy-db==0.3.1 psycopg2-binary==2.9.5 pycparser==2.21 @@ -72,6 +72,6 @@ types-setuptools==65.6.0.2 types-toml==0.10.8.1 types-urllib3==1.26.25.4 typing_extensions==4.4.0 -urllib3==1.26.13 +urllib3==1.26.18 uro==0.0.4 setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability