From c7e876b03e33166e1f23f87e40ecde90b399e647 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 12 Jul 2024 11:48:55 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-BLEACH-1069893 - https://snyk.io/vuln/SNYK-PYTHON-BLEACH-552160 - https://snyk.io/vuln/SNYK-PYTHON-BLEACH-561119 - https://snyk.io/vuln/SNYK-PYTHON-BLEACH-561754 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-2348630 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERCORE-3063766 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERLAB-6182923 - https://snyk.io/vuln/SNYK-PYTHON-MISTUNE-2940625 - https://snyk.io/vuln/SNYK-PYTHON-NBCONVERT-2979829 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-1041707 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-1567195 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-2441824 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-2928995 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970 - https://snyk.io/vuln/SNYK-PYTHON-PROMPTTOOLKIT-6141120 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217828 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217829 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- requirements.txt | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/requirements.txt b/requirements.txt index 1ab5baf..8382c83 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ apipkg==1.5 attrs==19.3.0 Babel==2.7.0 backcall==0.1.0 -bleach==3.1.0 +bleach==3.3.0 certifi==2019.11.28 chardet==3.0.4 Click==7.0 @@ -20,27 +20,27 @@ html-linter==0.4.0 idna==2.8 imagesize==1.1.0 ipykernel==5.1.3 -ipython==7.10.2 +ipython==8.10.0 ipython-genutils==0.2.0 ipywidgets==7.5.1 jedi==0.15.2 -Jinja2==2.10.3 +Jinja2==3.1.4 json5==0.8.5 jsonschema==3.2.0 jupyter==1.0.0 jupyter-client==5.3.4 jupyter-console==6.0.0 -jupyter-core==4.6.1 -jupyterlab==1.2.4 +jupyter-core==4.11.2 +jupyterlab==3.6.7 jupyterlab-server==1.0.6 MarkupSafe==1.1.1 memory-profiler==0.55.0 -mistune==0.8.4 +mistune==2.0.3 more-itertools==8.0.2 -nbconvert==5.6.1 +nbconvert==6.3.0b0 nbformat==4.4.0 -notebook==6.0.2 -numpy==1.18.0 +notebook==6.4.12 +numpy==1.22.2 packaging==19.2 pandas==0.25.3 pandocfilters==1.4.2 @@ -51,11 +51,11 @@ pexpect==4.7.0 pickleshare==0.7.5 pluggy==0.13.1 prometheus-client==0.7.1 -prompt-toolkit==3.0.2 +prompt-toolkit==3.0.13 psutil==5.6.7 ptyprocess==0.6.0 py==1.8.0 -Pygments==2.5.2 +Pygments==2.15.0 pyparsing==2.4.5 pyrsistent==0.15.6 pytest==5.3.2 @@ -87,9 +87,11 @@ termcolor==1.1.0 terminado==0.8.3 testpath==0.4.4 text-unidecode==1.3 -tornado==6.0.3 +tornado==6.4.1 traitlets==4.3.3 urllib3==1.25.7 wcwidth==0.1.7 webencodings==0.5.1 widgetsnbextension==3.5.1 +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability