From dbf5a71996b7d3ff0bc671676c87f681ca09b340 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 15 Nov 2022 03:02:04 +0000 Subject: [PATCH] fix: requirements-dev.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 Signed-off-by: Michael Beemer --- requirements-dev.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements-dev.txt b/requirements-dev.txt index f6d4c4a6..5ec08edc 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -102,3 +102,4 @@ wrapt==1.14.1 # The following packages are considered to be unsafe in a requirements file: # pip # setuptools +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability