From ad17f3b5cfc41a3aece42fced6f28e57d6795d2a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 4 Dec 2025 15:01:58 +0000 Subject: [PATCH] fix: requirements/production.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157807 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157810 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-14157217 --- requirements/production.txt | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/requirements/production.txt b/requirements/production.txt index 45d0df88b..e1ee4b68b 100644 --- a/requirements/production.txt +++ b/requirements/production.txt @@ -14,4 +14,6 @@ setuptools>=68.2.2 # not directly required, pinned by Snyk to avoid a vulnerabil # Elastic-APM # https://pypi.org/project/elastic-apm/ # ------------------------------------------------------------------------------ -elastic-apm==6.21.4.post8347027212 \ No newline at end of file +elastic-apm==6.21.4.post8347027212 +django>=4.2.27 # not directly required, pinned by Snyk to avoid a vulnerability +sqlparse>=0.5.4 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file