From 65657a7b7f4a65ed372dd9b926c1b058b827d1aa Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 6 Feb 2024 19:55:15 +0000 Subject: [PATCH] fix: hail/python/dev/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091621 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6091622 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209406 - https://snyk.io/vuln/SNYK-PYTHON-AIOHTTP-6209407 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862881 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862882 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-6099119 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512 --- hail/python/dev/requirements.txt | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/hail/python/dev/requirements.txt b/hail/python/dev/requirements.txt index 51c57b7bb92..8d8f0afddea 100644 --- a/hail/python/dev/requirements.txt +++ b/hail/python/dev/requirements.txt @@ -40,3 +40,8 @@ types-six types-tabulate types-urllib3 pillow>=10.0.1 # not directly required, pinned by Snyk to avoid a vulnerability +aiohttp>=3.9.2 # not directly required, pinned by Snyk to avoid a vulnerability +ipython>=8.10.0 # not directly required, pinned by Snyk to avoid a vulnerability +jupyter-server>=2.11.2 # not directly required, pinned by Snyk to avoid a vulnerability +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability +tornado>=6.3.3 # not directly required, pinned by Snyk to avoid a vulnerability