From 655a53514fe836150a0d9968d70460139b5ca691 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 1 Sep 2021 22:33:08 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-PYLINT-1089548 - https://snyk.io/vuln/SNYK-PYTHON-PYLINT-568073 - https://snyk.io/vuln/SNYK-PYTHON-PYLINT-609883 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-72435 - https://snyk.io/vuln/SNYK-PYTHON-SPHINX-570772 - https://snyk.io/vuln/SNYK-PYTHON-SPHINX-570773 --- requirements.txt | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index ad4d50e58..12475f13d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,7 +2,7 @@ pycrypto==2.6.1 pycryptodomex==3.4.5 codeclimate-test-reporter==0.2.1 nose==1.3.7 -pylint==1.6.5 +pylint==2.7.0 flake8==3.3.0 mccabe==0.6.1 pycodestyle==2.3.1 @@ -10,10 +10,10 @@ pyflakes==1.5.0 git+https://github.com/romanvm/Kodistubs.git#egg=Kodistubs httpretty==0.8.14 mock==1.0.1 -requests==2.12.4 +requests==2.20 pydes==2.0.1 radon==2.1.1 -Sphinx==1.5.5 +Sphinx==3.0.4 sphinx_rtd_theme==0.2.4 m2r==0.1.12 git+https://github.com/asciidisco/kodi-release-helper.git#egg=kodi-release-helper @@ -22,3 +22,4 @@ blessings==1.6 demjson==2.2.4 yamllint==1.8.1 restructuredtext_lint==1.1.1 +pygments>=2.7.4 # not directly required, pinned by Snyk to avoid a vulnerability