From 47bb2ccf9a9ef18263f37160aada0a0e40511f78 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 24 Oct 2024 23:18:26 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5663682 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5777683 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813745 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813746 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813750 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6092044 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6149518 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6157248 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6210214 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6261585 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6592767 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6913422 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-7886970 - https://snyk.io/vuln/SNYK-PYTHON-DNSPYTHON-6241713 - https://snyk.io/vuln/SNYK-PYTHON-FLASK-5490129 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933 --- requirements.txt | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/requirements.txt b/requirements.txt index 349607b3..59d516f3 100644 --- a/requirements.txt +++ b/requirements.txt @@ -14,7 +14,7 @@ botocore==1.22.0 # s3transfer cachelib==0.1.1 # via flask-session -certifi==2019.11.28 +certifi==2023.7.22 # via requests cffi==1.14.0 # via cryptography @@ -24,7 +24,7 @@ click==7.0 # via flask contextlib2==0.6.0.post1 # via digitalmarketplace-utils -cryptography==39.0.1 +cryptography==43.0.1 # via digitalmarketplace-utils defusedxml==0.6.0 # via odfpy @@ -36,13 +36,13 @@ digitalmarketplace-utils==60.12.0 # via # -r requirements.in # digitalmarketplace-content-loader -dnspython==2.3.0 +dnspython==2.6.1 # via email-validator docopt==0.6.2 # via notifications-python-client email-validator==1.3.1 # via -r requirements.in -flask==1.1.4 +flask==2.2.5 # via # -r requirements.in # digitalmarketplace-content-loader @@ -72,7 +72,7 @@ govuk-country-register==0.5.0 # via digitalmarketplace-utils govuk-frontend-jinja @ git+https://github.com/Crown-Commercial-Service/govuk-frontend-jinja.git@v0.5.2-alpha # via -r requirements.in -idna==2.9 +idna==3.7 # via # email-validator # requests @@ -83,7 +83,7 @@ itsdangerous==1.1.0 # -r requirements.in # flask # flask-wtf -jinja2==2.11.3 +jinja2==3.1.4 # via # digitalmarketplace-content-loader # flask @@ -122,7 +122,7 @@ pyyaml==6.0.1 # via digitalmarketplace-content-loader redis==3.5.3 # via digitalmarketplace-utils -requests==2.26.0 +requests==2.32.2 # via # digitalmarketplace-apiclient # digitalmarketplace-utils @@ -134,11 +134,11 @@ six==1.14.0 # via python-dateutil unicodecsv==0.14.1 # via digitalmarketplace-utils -urllib3==1.26.5 +urllib3==1.26.19 # via # botocore # requests -werkzeug==1.0.1 +werkzeug==3.0.3 # via # flask # flask-login