snyk-bot
commited on
fix: requirements.txt to reduce vulnerabilities
Browse filesThe following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- requirements.txt +1 -1
requirements.txt
CHANGED
|
@@ -10,7 +10,7 @@ mypy==1.8.0
|
|
| 10 |
numexpr==2.8.8
|
| 11 |
numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability
|
| 12 |
openai==1.6.1
|
| 13 |
-
pillow>=10.0
|
| 14 |
pyarrow>=14.0.1 # not directly required, pinned by Snyk to avoid a vulnerability
|
| 15 |
pypdf==3.17.4
|
| 16 |
requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability
|
|
|
|
| 10 |
numexpr==2.8.8
|
| 11 |
numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability
|
| 12 |
openai==1.6.1
|
| 13 |
+
pillow>=10.2.0 # not directly required, pinned by Snyk to avoid a vulnerability
|
| 14 |
pyarrow>=14.0.1 # not directly required, pinned by Snyk to avoid a vulnerability
|
| 15 |
pypdf==3.17.4
|
| 16 |
requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability
|