Skip to content

Commit

Permalink
fix: requirements.txt to reduce vulnerabilities
Browse files Browse the repository at this point in the history 
The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-JOBLIB-3027033
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-SCIKITLEARN-1079100
- https://snyk.io/vuln/SNYK-PYTHON-SCIKITLEARN-3186293
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5756497
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5759266
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
  • Loading branch information
@snyk-bot
snyk-bot committed Feb 9, 2024
1 parent 8559649 commit b404b6a
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ intervaltree
luigi
more-itertools
# for tf 2.6.0
numpy==1.19.2
numpy==1.22.2
pandas
pre-commit
pynvml
Expand All @@ -25,3 +25,8 @@ tqdm
numba==0.48
#numba>=0.49.0 # not directly required, pinned by Snyk to avoid a vulnerability
scikit-learn>=0.24.2 # not directly required, pinned by Snyk to avoid a vulnerability
certifi>=2023.7.22 # not directly required, pinned by Snyk to avoid a vulnerability
joblib>=1.1.1 # not directly required, pinned by Snyk to avoid a vulnerability
requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability
scipy>=1.10.0rc1 # not directly required, pinned by Snyk to avoid a vulnerability
setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability

0 comments on commit b404b6a

Please sign in to comment.