From fbb0a6aafb4959bffe1089e87cf946e0977d7df8 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 27 Sep 2023 05:20:10 +0000 Subject: fix: dev-requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 --- dev-requirements.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dev-requirements.txt b/dev-requirements.txt index aaae71eb..e0757fdc 100644 --- a/dev-requirements.txt +++ b/dev-requirements.txt @@ -11,4 +11,5 @@ memory-profiler matplotlib semgrep setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability -numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file +numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability +pillow>=10.0.1 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file -- cgit v1.2.3