From b7a65094c7beca217109ca1ed72e68690fecba4e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 28 Jul 2024 00:03:27 +0000 Subject: [PATCH] fix: packages/python/plotly/test_requirements/requirements_39_optional.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ANYIO-7361842 - https://snyk.io/vuln/SNYK-PYTHON-FIONA-7462744 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-2348630 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862881 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862882 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-6099119 - https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-7217832 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1316216 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1319443 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1727377 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2329135 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331901 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331905 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331907 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2397241 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-3113875 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-3113876 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866 - https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5756497 - https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5759266 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217828 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217829 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- .../requirements_39_optional.txt | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/packages/python/plotly/test_requirements/requirements_39_optional.txt b/packages/python/plotly/test_requirements/requirements_39_optional.txt index 411c9c0f158..f06c77743a4 100644 --- a/packages/python/plotly/test_requirements/requirements_39_optional.txt +++ b/packages/python/plotly/test_requirements/requirements_39_optional.txt @@ -1,17 +1,17 @@ requests==2.25.1 tenacity==6.2.0 pandas==1.2.4 -numpy==1.20.2 +numpy==1.22.2 xarray==0.17.0 statsmodels -Pillow==8.2.0 +Pillow==10.3.0 pytest==6.2.3 pytz==2021.1 -ipython[all]==7.22.0 +ipython==8.10.0 ipywidgets==7.6.3 ipykernel==5.5.3 jupyter==1.0.0 -scipy==1.6.2 +scipy==1.10.0rc1 Shapely==1.7.1 geopandas==0.9.0 pyshp==2.1.3 @@ -19,3 +19,10 @@ matplotlib==2.2.3 scikit-image==0.18.1 psutil==5.7.0 kaleido +anyio>=4.4.0 # not directly required, pinned by Snyk to avoid a vulnerability +fiona>=1.10b2 # not directly required, pinned by Snyk to avoid a vulnerability +idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability +jupyter-server>=2.14.1 # not directly required, pinned by Snyk to avoid a vulnerability +setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability +tornado>=6.4.1 # not directly required, pinned by Snyk to avoid a vulnerability +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability