From caf4584ce5bd0938805d0d872c313c26616373be Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 10 Jul 2024 03:07:22 +0000 Subject: [PATCH] fix: daemons/validation-scheduler-daemon/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- .../validation-scheduler-daemon/requirements.txt | 15 ++++++++++++++- 1 file changed, 14 insertions(+), 1 deletion(-) mode change 120000 => 100644 daemons/validation-scheduler-daemon/requirements.txt diff --git a/daemons/validation-scheduler-daemon/requirements.txt b/daemons/validation-scheduler-daemon/requirements.txt deleted file mode 120000 index fd1efae7..00000000 --- a/daemons/validation-scheduler-daemon/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -../../requirements.txt \ No newline at end of file diff --git a/daemons/validation-scheduler-daemon/requirements.txt b/daemons/validation-scheduler-daemon/requirements.txt new file mode 100644 index 00000000..e75a5ea4 --- /dev/null +++ b/daemons/validation-scheduler-daemon/requirements.txt @@ -0,0 +1,14 @@ +alembic==1.0.0 +boto3==1.9.44 +botocore==1.12.119 +connexion==1.5.2 +cryptography==2.3.1 +dcplib>=2.0.0 +jsonschema==2.6.0 +psycopg2-binary==2.7.5 +PyJWT==1.6.4 +requests==2.20.0 +s3transfer<0.3.0,>=0.2.0 +SQLAlchemy==1.3.2 +tenacity==5.0.2 +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability