From 2e499bf30f4f67b4e93f5b5bcabdc43404971807 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 20 Jul 2024 05:35:14 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-2348630 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-JOBLIB-3027033 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERCORE-3063766 - https://snyk.io/vuln/SNYK-PYTHON-MISTUNE-2940625 - https://snyk.io/vuln/SNYK-PYTHON-NBCONVERT-2979829 - https://snyk.io/vuln/SNYK-PYTHON-NLTK-1053952 - https://snyk.io/vuln/SNYK-PYTHON-NLTK-1660190 - https://snyk.io/vuln/SNYK-PYTHON-NLTK-1932014 - https://snyk.io/vuln/SNYK-PYTHON-NLTK-2313655 - https://snyk.io/vuln/SNYK-PYTHON-NLTK-5926697 - https://snyk.io/vuln/SNYK-PYTHON-NLTK-5926698 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-1041707 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-2441824 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-2928995 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1055461 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1055462 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1059090 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1080635 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1080654 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1081494 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1081501 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1081502 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1082329 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1082750 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090584 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090586 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090587 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090588 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1292150 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1292151 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1316216 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1319443 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2329135 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331901 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331905 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331907 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2397241 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-3113875 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-3113876 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574573 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574574 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574575 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574576 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-574577 - https://snyk.io/vuln/SNYK-PYTHON-PROMPTTOOLKIT-6141120 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217828 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217829 - https://snyk.io/vuln/SNYK-PYTHON-TQDM-6807582 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- requirements.txt | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/requirements.txt b/requirements.txt index a36bf34..819b4cd 100644 --- a/requirements.txt +++ b/requirements.txt @@ -8,3 +8,22 @@ langchain-community langchain_text_splitters unstructured unstructured[all-docs] +certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability +idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability +ipython>=8.10.0 # not directly required, pinned by Snyk to avoid a vulnerability +jinja2>=3.1.4 # not directly required, pinned by Snyk to avoid a vulnerability +joblib>=1.1.1 # not directly required, pinned by Snyk to avoid a vulnerability +jupyter-core>=4.11.2 # not directly required, pinned by Snyk to avoid a vulnerability +mistune>=2.0.3 # not directly required, pinned by Snyk to avoid a vulnerability +nbconvert>=6.3.0b0 # not directly required, pinned by Snyk to avoid a vulnerability +nltk>=3.8.1 # not directly required, pinned by Snyk to avoid a vulnerability +notebook>=6.4.12 # not directly required, pinned by Snyk to avoid a vulnerability +numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability +pillow>=9.2.0 # not directly required, pinned by Snyk to avoid a vulnerability +prompt-toolkit>=3.0.13 # not directly required, pinned by Snyk to avoid a vulnerability +pygments>=2.15.0 # not directly required, pinned by Snyk to avoid a vulnerability +requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability +setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability +tornado>=6.4.1 # not directly required, pinned by Snyk to avoid a vulnerability +tqdm>=4.66.3 # not directly required, pinned by Snyk to avoid a vulnerability +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability