From 0c11cfcfc6580f103306e514ecc3cdef1a56ea14 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 7 Sep 2024 07:54:42 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091621 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091622 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209406 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209407 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6645291 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6808823 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-7675597 - https://snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- requirements.txt | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 07b9a8b..cd02d54 100644 --- a/requirements.txt +++ b/requirements.txt @@ -7,4 +7,9 @@ pymongo python-registry virustotal-api yara-python -git+https://github.com/smarnach/pyexiftool.git#egg=pyexiftool \ No newline at end of file +git+https://github.com/smarnach/pyexiftool.git#egg=pyexiftool +aiohttp>=3.10.2 # not directly required, pinned by Snyk to avoid a vulnerability +dnspython>=2.6.1 # not directly required, pinned by Snyk to avoid a vulnerability +sqlparse>=0.5.0 # not directly required, pinned by Snyk to avoid a vulnerability +urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file