From 8ab19f783f635f069dac3064fade48024235b8d3 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 9 Aug 2024 12:29:15 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2940618 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2968205 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3039675 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3266406 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3319450 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5496950 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5750790 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5880505 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5932095 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6041515 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6230369 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6370660 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7435780 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436273 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436514 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436646 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642790 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642791 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642813 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642814 - https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORK-7252137 - https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORKSIMPLEJWT-3104636 - https://snyk.io/vuln/SNYK-PYTHON-GUNICORN-6615672 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-1584201 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-5426157 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250 --- requirements.txt | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/requirements.txt b/requirements.txt index daf8d9bb..317ef433 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,30 +1,31 @@ APScheduler==3.8.0 asgiref==3.4.1 -certifi==2021.5.30 +certifi==2024.7.4 charset-normalizer==2.0.4 coreapi==2.3.3 coreschema==0.0.4 coverage==6.0.1 -Django==3.2.13 +Django==4.2.15 django-cors-headers==3.8.0 django-webpack-loader==1.1.0 -djangorestframework==3.12.4 -djangorestframework-simplejwt==4.8.0 +djangorestframework==3.15.2 +djangorestframework-simplejwt==5.2.2 drf-yasg==1.20.0 -gunicorn==20.1.0 -idna==3.2 +gunicorn==22.0.0 +idna==3.7 inflection==0.5.1 itypes==1.2.0 -Jinja2==3.0.1 +Jinja2==3.1.4 MarkupSafe==2.0.1 packaging==21.0 PyJWT==2.4.0 pyparsing==2.4.7 pytz==2021.1 -requests==2.26.0 +requests==2.32.2 ruamel.yaml==0.17.16 ruamel.yaml.clib==0.2.6 -sqlparse==0.4.1 +sqlparse==0.5.0 uritemplate==3.0.1 -urllib3==1.26.6 +urllib3==1.26.19 whitenoise==5.3.0 +setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability