From 926c58fd6212fd4c2040638aee2b661f7e2c4bc8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 5 Oct 2024 06:11:08 +0000 Subject: [PATCH] fix: requirements-test.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-5798483 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6057353 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091621 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091622 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091623 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209406 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209407 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6645291 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6808823 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-7675597 - https://snyk.io/vuln/SNYK-PYTHON-BANDIT-6241859 - https://snyk.io/vuln/SNYK-PYTHON-BLACK-6256273 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3112177 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3112180 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3172287 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3314966 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315324 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315328 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315331 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315452 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315972 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3315975 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316038 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-3316211 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5663682 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5777683 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813745 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813746 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5813750 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6036192 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6092044 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6149518 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6157248 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6210214 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6592767 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6913422 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-7886970 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5840584 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5871282 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5876644 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-6150683 - https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672 - https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-7856105 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-JOBLIB-3027033 - https://snyk.io/vuln/SNYK-PYTHON-OAUTHLIB-3021142 - https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-3031740 - https://snyk.io/vuln/SNYK-PYTHON-PYDANTIC-5907722 - https://snyk.io/vuln/SNYK-PYTHON-PYDANTIC-5926694 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-REDIS-5291195 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217828 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217829 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- requirements-test.txt | 40 +++++++++++++++++++++------------------- 1 file changed, 21 insertions(+), 19 deletions(-) diff --git a/requirements-test.txt b/requirements-test.txt index 547cb644..f2766c95 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -4,7 +4,7 @@ # # pip-compile --no-emit-index-url --output-file=requirements-test.txt requirements-test.in requirements.txt # -aiohttp==3.8.1 +aiohttp==3.10.2 # via # -c requirements.txt # -r requirements.txt @@ -56,7 +56,7 @@ attrs==21.4.0 # aiohttp # jsonschema # pytest -bandit==1.7.4 +bandit==1.7.7 # via -r requirements-test.in bcrypt==3.2.2 # via @@ -72,7 +72,7 @@ billiard==3.6.4.0 # -c requirements.txt # -r requirements.txt # celery -black==22.6.0 +black==24.3.0 # via # -c requirements.txt # -r requirements-test.in @@ -116,7 +116,7 @@ celery==5.2.7 # via # -c requirements.txt # -r requirements.txt -certifi==2022.6.15 +certifi==2024.7.4 # via # -c requirements.txt # -r requirements.txt @@ -182,7 +182,7 @@ coverage[toml]==6.4.2 # via # -r requirements-test.in # pytest-cov -cryptography==37.0.4 +cryptography==43.0.1 # via # -c requirements.txt # -r requirements.txt @@ -287,7 +287,7 @@ gitdb==4.0.9 # -c requirements.txt # -r requirements.txt # gitpython -gitpython==3.1.27 +gitpython==3.1.41 # via # -c requirements.txt # -r requirements.txt @@ -341,7 +341,7 @@ googleapis-common-protos==1.56.4 # -c requirements.txt # -r requirements.txt # google-api-core -gunicorn==20.1.0 +gunicorn==22.0.0 # via # -c requirements.txt # -r requirements.txt @@ -357,7 +357,7 @@ httplib2==0.20.4 # google-auth-httplib2 identify==2.5.1 # via pre-commit -idna==3.3 +idna==3.7 # via # -c requirements.txt # -r requirements.txt @@ -388,7 +388,7 @@ isort==5.10.1 # -r requirements.txt # datamodel-code-generator # pylint -jinja2==3.1.2 +jinja2==3.1.4 # via # -c requirements.txt # -r requirements.txt @@ -401,7 +401,7 @@ jmespath==1.0.1 # boto3 # botocore # parliament -joblib==1.1.0 +joblib==1.1.1 # via # -c requirements.txt # -r requirements.txt @@ -485,7 +485,7 @@ numpy==1.23.1 # -c requirements.txt # -r requirements.txt # pandas -oauthlib==3.2.0 +oauthlib==3.2.2 # via # -c requirements.txt # -r requirements.txt @@ -582,7 +582,7 @@ prompt-toolkit==3.0.30 # -r requirements.txt # click-repl # questionary -protobuf==4.21.2 +protobuf==4.21.6 # via # -c requirements.txt # -r requirements.txt @@ -621,7 +621,7 @@ pycurl==7.45.1 # via # -c requirements.txt # -r requirements.txt -pydantic[email]==1.9.1 +pydantic==1.10.13 # via # -c requirements.txt # -r requirements.txt @@ -630,7 +630,7 @@ pydocstyle==6.1.1 # via flake8-docstrings pyflakes==2.4.0 # via flake8 -pygments==2.12.0 +pygments==2.15.0 # via readme-renderer pyjwt==2.4.0 # via @@ -735,12 +735,12 @@ questionary==1.10.0 # -r requirements.txt readme-renderer==35.0 # via -r requirements-test.in -redis==4.3.4 +redis==4.3.6 # via # -c requirements.txt # -r requirements.txt # fakeredis -requests==2.28.1 +requests==2.32.2 # via # -c requirements.txt # -r requirements.txt @@ -878,7 +878,7 @@ tomlkit==0.11.1 # -c requirements.txt # -r requirements.txt # pylint -tornado==6.2 +tornado==6.4.1 # via # -c requirements.txt # -r requirements-test.in @@ -906,7 +906,7 @@ uritemplate==4.1.1 # -c requirements.txt # -r requirements.txt # google-api-python-client -urllib3==1.26.10 +urllib3==1.26.19 # via # -c requirements.txt # -r requirements.txt @@ -946,7 +946,7 @@ webencodings==0.5.1 # bleach websocket-client==1.3.3 # via docker -werkzeug==2.1.2 +werkzeug==3.0.3 # via moto wrapt==1.14.1 # via @@ -969,3 +969,5 @@ yarl==1.7.2 # The following packages are considered to be unsafe in a requirements file: # setuptools +setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability