From 39c869dc112c283db1df715e70f7d90c3e228e19 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 15 Dec 2025 10:25:35 +0000 Subject: [PATCH] fix: requirements/bob-requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-14151621 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-14400977 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-14400978 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-14400979 --- requirements/bob-requirements.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/requirements/bob-requirements.txt b/requirements/bob-requirements.txt index 247d18c2..4b1b81f8 100644 --- a/requirements/bob-requirements.txt +++ b/requirements/bob-requirements.txt @@ -19,3 +19,5 @@ plotly # pytest pytest pytest-cov +fonttools>=4.61.0 # not directly required, pinned by Snyk to avoid a vulnerability +tornado>=6.5.3 # not directly required, pinned by Snyk to avoid a vulnerability