From a146ea76d8383e4a09febd95e2ec2976fbe2e2c3 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 6 Sep 2021 02:55:29 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-BABEL-1278589 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994 - https://snyk.io/vuln/SNYK-PYTHON-LXML-1047473 - https://snyk.io/vuln/SNYK-PYTHON-LXML-1088006 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435 --- requirements.txt | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/requirements.txt b/requirements.txt index ac809a182..77778023c 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,7 +5,7 @@ # pip-compile --output-file=requirements.txt requirements.in # alabaster==0.7.12 # via sphinx -babel==2.8.0 # via sphinx +babel==2.9.1 # via sphinx certifi==2020.4.5.1 # via requests chardet==3.0.4 # via requests click==7.1.2 # via -r requirements.in @@ -14,12 +14,12 @@ cogapp==3.0.0 # via -r requirements.in docutils==0.16 # via codechat, sphinx idna==2.9 # via requests imagesize==1.2.0 # via sphinx -jinja2==2.11.2 # via sphinx -lxml==4.5.1 # via codechat +jinja2==2.11.3 # via sphinx +lxml==4.6.2 # via codechat markupsafe==1.1.1 # via jinja2 packaging==20.4 # via sphinx paver==1.3.4 # via -r requirements.in, sphinxcontrib-paverutils -pygments==2.6.1 # via codechat, sphinx +pygments==2.7.4 # via codechat, sphinx pyparsing==2.4.7 # via packaging pytz==2020.1 # via babel requests==2.23.0 # via sphinx @@ -34,7 +34,7 @@ sphinxcontrib-paverutils==1.17.0 # via -r requirements.in sphinxcontrib-qthelp==1.0.3 # via sphinx sphinxcontrib-serializinghtml==1.1.4 # via sphinx sqlalchemy==1.3.17 # via -r requirements.in -urllib3==1.25.9 # via requests +urllib3==1.26.5 # via requests # The following packages are considered to be unsafe in a requirements file: # setuptools