From 7bfaec65a71b4683d40272ce19a709786ddf579e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 26 Mar 2024 20:49:16 +0000 Subject: [PATCH] fix: requirements-test.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986 --- requirements-test.txt | 3 +++ 1 file changed, 3 insertions(+) diff --git a/requirements-test.txt b/requirements-test.txt index 4bf98797cf..08822b0b13 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -11,3 +11,6 @@ seaborn xarray>=0.13 wheel pyarrow +fonttools>=4.43.0 # not directly required, pinned by Snyk to avoid a vulnerability +numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability +pillow>=10.2.0 # not directly required, pinned by Snyk to avoid a vulnerability