From 3a058a287007656eb7dcfa4a579af74c3fa7785b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 29 Oct 2022 22:20:08 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-BOTO-2849305 - https://snyk.io/vuln/SNYK-PYTHON-BOTO-40479 - https://snyk.io/vuln/SNYK-PYTHON-PY-1049546 - https://snyk.io/vuln/SNYK-PYTHON-PYRAMID-40730 - https://snyk.io/vuln/SNYK-PYTHON-PYRAMID-564353 - https://snyk.io/vuln/SNYK-PYTHON-PYYAML-42159 - https://snyk.io/vuln/SNYK-PYTHON-PYYAML-559098 - https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-72435 - https://snyk.io/vuln/SNYK-PYTHON-WEBOB-40490 --- requirements.txt | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/requirements.txt b/requirements.txt index 81a9ad0..157ebd5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,13 +3,13 @@ Jinja2==2.7.3 LEPL==5.1.3 MarkupSafe==0.23 PasteDeploy==1.5.2 -PyYAML==3.11 +PyYAML==5.4 Pygments==2.0.2 Sphinx==1.3.1 -WebOb==1.4.1 +WebOb==1.6.0a0 WebTest==2.0.18 beautifulsoup4==4.3.2 -boto==2.31.1 +boto==2.39.0 chaussette==1.2 cornice==1.0.0 couchdb-schematics==1.1.1 @@ -22,15 +22,15 @@ jsonpointer==1.9 mock==1.0.1 nose==1.3.4 pbkdf2==1.3 -py==1.4.26 +py==1.10.0 pycrypto==2.6.1 pyramid-exclog==0.7 -pyramid==1.5.7 +pyramid==1.6a2 pytest==2.6.4 python-coveralls==2.5.0 pytz==2014.10 repoze.lru==0.6 -requests==2.7.0 +requests==2.20 schematics==1.1.1 setuptools==7.0 sh==1.11