fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6645291 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
rexdivakar · Apr 20, 2024 · e81a638 · e81a638
1 parent 065165d
commit e81a638
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/requirements.txt b/requirements.txt
@@ -3,4 +3,6 @@ numpy==1.22.2
 matplotlib==3.2.2
 slackclient==2.9.3
 psutil==5.7.3
-python-dotenv==0.15.0
+python-dotenv==0.15.0
+aiohttp>=3.9.4 # not directly required, pinned by Snyk to avoid a vulnerability
+idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability