From f3e5cd4c7aabccc7996a692c6cd83b2f6f78831d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 28 Sep 2024 07:43:18 +0000 Subject: [PATCH] fix: py/examples/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ANYIO-7361842 - https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970 - https://snyk.io/vuln/SNYK-PYTHON-OPENCVPYTHON-5926695 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217828 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217829 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- py/examples/requirements.txt | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/py/examples/requirements.txt b/py/examples/requirements.txt index db07d850c3..f7a952d508 100644 --- a/py/examples/requirements.txt +++ b/py/examples/requirements.txt @@ -5,9 +5,15 @@ h2o_wave[ml] loguru==0.6.0 matplotlib==3.5.1 numpy==1.22.2 -opencv-python==4.5.5.64 +opencv-python==4.8.1.78 pandas==1.3.5 plotly==5.7.0 scikit-learn==1.2.2 toml==0.10.2 -vega-datasets==0.9.0 \ No newline at end of file +vega-datasets==0.9.0 +anyio>=4.4.0 # not directly required, pinned by Snyk to avoid a vulnerability +fonttools>=4.43.0 # not directly required, pinned by Snyk to avoid a vulnerability +pillow>=10.3.0 # not directly required, pinned by Snyk to avoid a vulnerability +setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability +tornado>=6.4.1 # not directly required, pinned by Snyk to avoid a vulnerability +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file