From aeecece9e70ad91204deca6367fa6b0f8acc33c0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 9 Sep 2024 09:19:57 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- requirements.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index f0010bb..1e9cede 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,8 +4,9 @@ Flask==3.0.2 Flask-SQLAlchemy==3.1.1 greenlet==3.0.3 itsdangerous==2.1.2 -Jinja2==3.1.3 +Jinja2==3.1.4 MarkupSafe==2.1.5 SQLAlchemy==2.0.25 typing_extensions==4.9.0 Werkzeug==3.0.1 +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability