Skip to content

Commit

Permalink
fix: requirements-dev.txt to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6149518
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6157248
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6261585
- https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6592767
- https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-REDIS-5291195
- https://snyk.io/vuln/SNYK-PYTHON-REDIS-5291196
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
  • Loading branch information
@snyk-bot
snyk-bot committed Jul 21, 2024
1 parent 0f38aca commit 367aef0
Showing 1 changed file with 10 additions and 9 deletions.
19 changes: 10 additions & 9 deletions requirements-dev.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@ botocore==1.29.89
# s3transfer
cachelib==0.1.1
# via flask-session
certifi==2022.12.7
certifi==2024.7.4
# via requests
cffi==1.14.5
# via cryptography
Expand All @@ -35,7 +35,7 @@ click==7.1.2
# via flask
contextlib2==21.6.0
# via sanitized-package
cryptography==39.0.2
cryptography==42.0.6
# via
# moto
# sanitized-package
Expand All @@ -47,7 +47,7 @@ docopt==0.6.2
# via notifications-python-client
flake8==3.9.2
# via -r requirements-dev.in
flask==1.1.4
flask==2.2.5
# via
# flask-gzip
# flask-login
Expand All @@ -73,15 +73,15 @@ govuk-country-register==0.5.0
# via sanitized-package
hypothesis==6.14.0
# via -r requirements-dev.in
idna==2.8
idna==3.7
# via requests
iniconfig==1.1.1
# via pytest
itsdangerous==1.1.0
# via
# flask
# flask-wtf
jinja2==2.11.3
jinja2==3.1.4
# via
# flask
# moto
Expand Down Expand Up @@ -141,9 +141,9 @@ pytz==2022.7.1
# via
# moto
# sanitized-package
redis==4.5.1
redis==4.5.4
# via sanitized-package
requests==2.28.2
requests==2.32.2
# via
# mailchimp3
# moto
Expand Down Expand Up @@ -189,12 +189,12 @@ typing-extensions==3.7.4.3
# via mypy
unicodecsv==0.14.1
# via sanitized-package
urllib3==1.26.5
urllib3==1.26.19
# via
# botocore
# requests
# responses
werkzeug==1.0.1
werkzeug==3.0.3
# via
# flask
# flask-login
Expand All @@ -208,3 +208,4 @@ xmltodict==0.12.0

# The following packages are considered to be unsafe in a requirements file:
# setuptools
zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability

0 comments on commit 367aef0

Please sign in to comment.