From 0f27fe549465857c8b84839d02ce926ffb90841e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 5 Oct 2022 20:45:49 +0000 Subject: [PATCH] fix: requirements-dev.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-1012994 - https://snyk.io/vuln/SNYK-PYTHON-PY-1049546 - https://snyk.io/vuln/SNYK-PYTHON-PYLINT-1089548 - https://snyk.io/vuln/SNYK-PYTHON-PYLINT-568073 - https://snyk.io/vuln/SNYK-PYTHON-PYLINT-609883 - https://snyk.io/vuln/SNYK-PYTHON-PYYAML-559098 - https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151 - https://snyk.io/vuln/SNYK-PYTHON-RSA-1038401 - https://snyk.io/vuln/SNYK-PYTHON-RSA-570831 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1014645 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-559452 --- requirements-dev.txt | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/requirements-dev.txt b/requirements-dev.txt index 19aa441..caf69bd 100644 --- a/requirements-dev.txt +++ b/requirements-dev.txt @@ -17,7 +17,7 @@ chardet==3.0.4; python_version >= "2.7" and python_full_version < "3.0.0" or pyt click==7.0; python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.6" colorama==0.4.3; python_version >= "3.5" and sys_platform == "win32" and python_full_version < "3.0.0" or python_version >= "3.5" and sys_platform == "win32" and python_full_version >= "3.5.0" coverage==5.0.1; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version < "4" -cryptography==2.8; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" +cryptography==3.2; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" cyclonedx-bom==0.4.2 docker==4.1.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" docutils==0.15.2; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" @@ -28,7 +28,7 @@ future==0.18.2; python_version >= "2.6" and python_full_version < "3.0.0" or pyt idna==2.8; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" importlib-metadata==1.3.0; python_version >= "3.5" and python_version < "3.8" and python_full_version < "3.0.0" or python_version >= "3.5" and python_version < "3.8" and python_full_version >= "3.5.0" isort==4.3.21; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.5" -jinja2==2.10.3 +jinja2==2.11.3 jmespath==0.9.4; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" jsondiff==1.1.2 jsonpatch==1.24; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" @@ -46,10 +46,10 @@ mypy==0.761 packageurl-python==0.9.3 packaging==20.4; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.5" pluggy==0.13.1; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.5" -py==1.8.1; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.5" +py==1.10.0; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" and python_version >= "3.5" pyasn1==0.4.8 pycparser==2.19; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" -pylint==2.4.4; python_version >= "3.5" +pylint==2.7.0; python_version >= "3.5" pyparsing==2.4.6; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" pypiwin32==223; sys_platform == "win32" and python_version >= "3.6" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6") pyrsistent==0.15.6 @@ -64,11 +64,11 @@ python-dateutil==2.8.1; python_version >= "2.7" and python_full_version < "3.0.0 python-jose==3.1.0 pytz==2019.3 pywin32==227; sys_platform == "win32" and python_version >= "3.6" and (python_version >= "3.6" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.6") -pyyaml==5.2; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" +pyyaml==5.4; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" requests==2.24.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" requirements-parser==0.2.0 responses==0.10.9; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0" -rsa==4.0 +rsa==4.7 s3transfer==0.2.1 six==1.13.0; python_version >= "3.5" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version >= "3.5" sshpubkeys==3.1.0 @@ -76,7 +76,7 @@ structlog==19.2.0 toml==0.10.0; python_version >= "3.6" typed-ast==1.4.0; python_version >= "3.5" and python_version < "3.8" and (python_version >= "3.5" and python_version < "3.8" or python_version >= "3.8") or python_version >= "3.5" and python_version < "3.8" and (python_version >= "3.5" and python_version < "3.8" or python_version >= "3.8") and implementation_name == "cpython" typing-extensions==3.7.4.1; python_version >= "3.5" and python_version < "3.8" and (python_version >= "3.5" and python_version < "3.8" or python_version >= "3.8") -urllib3==1.25.7; python_version >= "3.4" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version < "4" and python_version >= "3.4" +urllib3==1.26.5; python_version >= "3.4" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" and python_version < "4" and python_version >= "3.4" wcwidth==0.1.7; python_version >= "3.5" websocket-client==0.57.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.5.0" werkzeug==0.16.0; python_version >= "2.7" and python_full_version < "3.0.0" or python_full_version >= "3.4.0"