From 51e1b96ba6084be1d47e434712eaedaecc00bae0 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 27 Nov 2023 23:22:41 +0000
Subject: [PATCH] fix: hail/python/dev/requirements.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862881
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862882
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512
---
 hail/python/dev/requirements.txt | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/hail/python/dev/requirements.txt b/hail/python/dev/requirements.txt
index 6e9a9df42a3..2d6c38080f0 100644
--- a/hail/python/dev/requirements.txt
+++ b/hail/python/dev/requirements.txt
@@ -38,3 +38,7 @@ types-six
 types-tabulate
 types-urllib3
 pillow>=10.0.1 # not directly required, pinned by Snyk to avoid a vulnerability
+ipython>=8.10.0 # not directly required, pinned by Snyk to avoid a vulnerability
+jupyter-server>=2.7.2 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
+tornado>=6.3.3 # not directly required, pinned by Snyk to avoid a vulnerability