From 42af92669a98b18abdfbf032258a5e6b3e1d44ed Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 19 Dec 2025 10:07:39 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-14151621 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192442 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192443 --- requirements.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/requirements.txt b/requirements.txt index 260012e..edcdbca 100644 --- a/requirements.txt +++ b/requirements.txt @@ -15,7 +15,7 @@ defusedxml==0.7.1 dirsearch==0.4.3.post1 Django==4.1.9 dnspython==2.2.1 -fonttools==4.38.0 +fonttools==4.61.0 fpdf==1.7.2 gitdb==4.0.10 GitPython==3.1.30 @@ -72,6 +72,6 @@ types-setuptools==65.6.0.2 types-toml==0.10.8.1 types-urllib3==1.26.25.4 typing_extensions==4.4.0 -urllib3==1.26.13 +urllib3==2.6.0 uro==0.0.4 setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability