Skip to content

Commit

Permalink
fix: requirements/local.txt to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
  • Loading branch information
@snyk-bot
snyk-bot committed Jul 17, 2024
1 parent 9ee4fc8 commit efde1f3
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion requirements/local.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@
-r dev.txt

# Mozilla's CA bundle
certifi==2015.11.20.1 \
certifi==2023.7.22.1 \
--hash=sha256:ad86683448f7483d4147a64d96856e551734e594c4563747e9fbe2368df13d3f \
--hash=sha256:30b0a7354a1b32caa8b4705d3f5fb2dadefac7ba4bf8af8a2176869f93e38f16

Expand All @@ -18,3 +18,5 @@ locustio==0.7.3 \
# python -c 'import requests; requests.get("https://sni.velox.ch")'
ndg-httpsclient==0.4.2 \
--hash=sha256:580987ef194334c50389e0d7de885fccf15605c13c6eecaabd8d6c43768eb8ac
setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability
zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability

0 comments on commit efde1f3

Please sign in to comment.