From 67569d47c3df6cf109b9ac8e5cfe01dc2dd23348 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 4 Oct 2024 16:50:52 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ANYIO-7361842 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173 - https://snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713 - https://snyk.io/vuln/SNYK-PYTHON-FASTAPI-6228055 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-ORJSON-6276643 - https://snyk.io/vuln/SNYK-PYTHON-PYDANTIC-5907722 - https://snyk.io/vuln/SNYK-PYTHON-PYDANTIC-5926694 - https://snyk.io/vuln/SNYK-PYTHON-PYTHONMULTIPART-6227505 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- requirements.txt | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/requirements.txt b/requirements.txt index 712ea57..e7cdf49 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,33 +1,33 @@ annotated-types==0.5.0 -anyio==3.7.1 +anyio==4.4.0 astroid==2.15.6 -certifi==2023.7.22 +certifi==2024.7.4 click==8.1.6 dill==0.3.7 -dnspython==2.4.1 +dnspython==2.6.1 email-validator==2.0.0.post2 exceptiongroup==1.1.2 -fastapi==0.100.1 +fastapi==0.109.1 h11==0.14.0 httpcore==0.17.3 httptools==0.6.0 httpx==0.24.1 -idna==3.4 +idna==3.7 isort==5.12.0 itsdangerous==2.1.2 -Jinja2==3.1.2 +Jinja2==3.1.4 lazy-object-proxy==1.9.0 MarkupSafe==2.1.3 mccabe==0.7.0 -orjson==3.9.2 +orjson==3.9.15 platformdirs==3.10.0 -pydantic==2.1.1 +pydantic==2.4.0 pydantic-extra-types==2.0.0 pydantic-settings==2.0.2 pydantic_core==2.4.0 pylint==2.17.5 python-dotenv==1.0.0 -python-multipart==0.0.6 +python-multipart==0.0.7 PyYAML==6.0.1 sniffio==1.3.0 starlette==0.27.0 @@ -40,3 +40,4 @@ uvloop==0.17.0 watchfiles==0.19.0 websockets==11.0.3 wrapt==1.15.0 +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability