From 4d2113efc4ba302f718fcfd7c50d2fd9d1a48651 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sat, 28 Dec 2024 08:18:21 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-8548181 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-8548987 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index e63a420..3012b6b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ requests~=2.26.0 PyYAML~=5.4.1 -Jinja2~=2.11.3 +Jinja2~=3.1.5 urllib3>=1.26.5 # not directly required, pinned by Snyk to avoid a vulnerability