From 797db61d807e49509b5c8e9ad536a1bff281d7e1 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 4 Feb 2024 20:35:47 +0000 Subject: [PATCH] fix: requirements-dev.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382 - https://snyk.io/vuln/SNYK-PYTHON-PROMPTTOOLKIT-6141120 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 --- requirements-dev.txt | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index 7ed8a6b..bdb3698 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -18,7 +18,7 @@ freezegun==1.0.0 # via -r requirements-dev.in importlib-metadata==2.0.0 # via flake8, pluggy, pytest iniconfig==1.0.1 # via pytest ipython-genutils==0.2.0 # via traitlets -ipython==7.16.3 # via -r requirements-dev.in +ipython==8.10.0 # via -r requirements-dev.in jedi==0.17.2 # via ipython mccabe==0.6.1 # via flake8 mypy-extensions==0.4.3 # via black @@ -29,12 +29,12 @@ pexpect==4.8.0 # via ipython pickleshare==0.7.5 # via ipython platformdirs==2.4.0 # via black pluggy==0.13.1 # via pytest -prompt-toolkit==3.0.7 # via ipython +prompt-toolkit==3.0.13 # via ipython ptyprocess==0.6.0 # via pexpect py==1.10.0 # via pytest pycodestyle==2.6.0 # via flake8 pyflakes==2.2.0 # via flake8 -pygments==2.7.1 # via ipython +pygments==2.15.0 # via ipython pyparsing==2.4.7 # via packaging pytest-cov==2.10.1 # via -r requirements-dev.in pytest-django==3.10.0 # via -r requirements-dev.in @@ -53,3 +53,4 @@ zipp==3.3.0 # via importlib-metadata # The following packages are considered to be unsafe in a requirements file: # setuptools +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability