From 95e9ec4fd8e41b2a7b011434a0bd269910d092b3 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 24 Apr 2024 01:31:21 +0000 Subject: [PATCH] fix: colab_requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-2348630 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERCORE-3063766 - https://snyk.io/vuln/SNYK-PYTHON-MISTUNE-2940625 - https://snyk.io/vuln/SNYK-PYTHON-NBCONVERT-2979829 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-1041707 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-2441824 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-2928995 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969 - https://snyk.io/vuln/SNYK-PYTHON-PROMPTTOOLKIT-6141120 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512 --- colab_requirements.txt | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/colab_requirements.txt b/colab_requirements.txt index ad064135a1..6860ba548e 100644 --- a/colab_requirements.txt +++ b/colab_requirements.txt @@ -1,2 +1,13 @@ matplotlib jupyter +ipython>=8.10.0 # not directly required, pinned by Snyk to avoid a vulnerability +jinja2>=3.1.3 # not directly required, pinned by Snyk to avoid a vulnerability +jupyter-core>=4.11.2 # not directly required, pinned by Snyk to avoid a vulnerability +mistune>=2.0.3 # not directly required, pinned by Snyk to avoid a vulnerability +nbconvert>=6.3.0b0 # not directly required, pinned by Snyk to avoid a vulnerability +notebook>=6.4.12 # not directly required, pinned by Snyk to avoid a vulnerability +numpy>=1.21.0rc1 # not directly required, pinned by Snyk to avoid a vulnerability +prompt-toolkit>=3.0.13 # not directly required, pinned by Snyk to avoid a vulnerability +pygments>=2.15.0 # not directly required, pinned by Snyk to avoid a vulnerability +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability +tornado>=6.3.3 # not directly required, pinned by Snyk to avoid a vulnerability