From c3117728d7d562383309b0b5094927a63825cae4 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 20 Mar 2024 17:47:12 +0000 Subject: [PATCH] fix: api/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-BLACK-6256273 - https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-PY-1049546 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 --- api/requirements.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/api/requirements.txt b/api/requirements.txt index 2aaa75d..fb343ca 100644 --- a/api/requirements.txt +++ b/api/requirements.txt @@ -1,20 +1,20 @@ appdirs==1.4.3 attrs==19.3.0 bcrypt==3.1.7 -black==19.10b0 +black==24.3.0 blinker==1.4 cffi==1.14.0 click==7.1.1 entrypoints==0.3 flake8==3.7.9 flasgger==0.9.4 -Flask==1.1.2 +Flask==2.2.5 Flask-Cors==3.0.8 flask-mongoengine==0.9.5 Flask-WTF==0.14.3 importlib-metadata==1.6.0 itsdangerous==1.1.0 -Jinja2==2.11.2 +Jinja2==3.1.3 jsonschema==3.2.0 loguru==0.4.1 MarkupSafe==1.1.1 @@ -25,7 +25,7 @@ more-itertools==8.2.0 packaging==20.3 pathspec==0.8.0 pluggy==0.13.1 -py==1.8.1 +py==1.10.0 pycodestyle==2.5.0 pycparser==2.20 pyflakes==2.1.1 @@ -41,6 +41,6 @@ six==1.14.0 toml==0.10.0 typed-ast==1.4.1 wcwidth==0.1.9 -Werkzeug==1.0.1 +Werkzeug==2.3.8 WTForms==2.3.1 zipp==3.1.0