From 9049eeb8f8b452cee6289370c47c1bb10a4fc611 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 25 Jun 2024 02:36:26 +0000 Subject: [PATCH] fix: services/bot/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ANYIO-7361842 --- services/bot/requirements.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/services/bot/requirements.txt b/services/bot/requirements.txt index 3e5158b4..4b35b37f 100644 --- a/services/bot/requirements.txt +++ b/services/bot/requirements.txt @@ -2,4 +2,5 @@ python-telegram-bot>=13.11 yt-dlp>=2022.6.29 loguru boto3 -setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability +anyio>=4.4.0 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file