fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
HumanCellAtlas · Feb 27, 2024 · 5d20b87 · 5d20b87
1 parent d9e22df
commit 5d20b87
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/requirements.txt b/requirements.txt
@@ -13,4 +13,5 @@ requests-mock>=1.5.2,<2
 six==1.15.0
 tenacity>=5.0.2,<5.1
 PyJWT==1.6.4
-git+git://github.com/HumanCellAtlas/metadata-api@release/1.0b20#egg=hca-metadata-api[dss]
+git+git://github.com/HumanCellAtlas/metadata-api@release/1.0b20#egg=hca-metadata-api[dss]
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability