From 10ed768bc5184089779af9d7179e9b1b02540c7d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 1 Apr 2024 15:45:42 +0000 Subject: [PATCH] fix: packages/opal-common/requires.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 --- packages/opal-common/requires.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/packages/opal-common/requires.txt b/packages/opal-common/requires.txt index bbe8924a..345f37f2 100644 --- a/packages/opal-common/requires.txt +++ b/packages/opal-common/requires.txt @@ -8,3 +8,5 @@ python-decouple>=3.6,<4 tenacity>=8.0.1,<9 datadog>=0.44.0, <1 ddtrace>=2,<3 +certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability +requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability