From 1a38d6036b925fe771258ca3966f44860fce3fce Mon Sep 17 00:00:00 2001 From: Stein A Sivertsen Date: Thu, 5 Sep 2024 09:15:58 +0200 Subject: [PATCH] fix: ex-11/got-episodes-api-python/requirements.txt to reduce vulnerabilities (#28) The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ANYIO-7361842 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-7886970 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 Co-authored-by: snyk-bot --- ex-11/got-episodes-api-python/requirements.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/ex-11/got-episodes-api-python/requirements.txt b/ex-11/got-episodes-api-python/requirements.txt index c822244..f22f10e 100644 --- a/ex-11/got-episodes-api-python/requirements.txt +++ b/ex-11/got-episodes-api-python/requirements.txt @@ -1,7 +1,7 @@ fastapi==0.112.2 starlette==0.38.4 anyio==4.4.0 -cryptography==43.0.0 +cryptography==43.0.1 certifi==2024.7.4 idna==3.8 uvicorn[standard] @@ -11,4 +11,5 @@ authlib==1.3.2 pydantic-settings pytest httpx -urllib3==2.2.2 \ No newline at end of file +urllib3==2.2.2 +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file