From ca6758bbc0a9ac7aa018bb83c3dd37188fcb6682 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 29 Oct 2024 21:53:05 +0000 Subject: [PATCH] fix: h2o-py/test-requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-8309091 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-8309092 --- h2o-py/test-requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/h2o-py/test-requirements.txt b/h2o-py/test-requirements.txt index 12807923acc3..80ffa9b4b459 100644 --- a/h2o-py/test-requirements.txt +++ b/h2o-py/test-requirements.txt @@ -54,3 +54,4 @@ typing_extensions==4.9.0; python_version >= '3.8' mypy==0.971; python_version < '3.7' mypy==1.4.1; python_version >= '3.7' and python_version < '3.8' mypy==1.8.0; python_version >= '3.8' +werkzeug>=3.0.6 # not directly required, pinned by Snyk to avoid a vulnerability