snyk-bot
commited on
fix: requirements.txt to reduce vulnerabilities
Browse filesThe following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-STREAMLIT-5880413
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803
- requirements.txt +2 -0
requirements.txt
CHANGED
|
@@ -7,3 +7,5 @@ pypdf==3.16.2
|
|
| 7 |
streamlit==1.27.0
|
| 8 |
streamlit-feedback==0.1.2
|
| 9 |
tiktoken==0.5.1
|
|
|
|
|
|
|
|
|
| 7 |
streamlit==1.27.0
|
| 8 |
streamlit-feedback==0.1.2
|
| 9 |
tiktoken==0.5.1
|
| 10 |
+
numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability
|
| 11 |
+
tornado>=6.3.3 # not directly required, pinned by Snyk to avoid a vulnerability
|