From df5d5753d9c1a38d9ea0add23a1fd1384607775b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 14 Jul 2025 07:34:21 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-10364902 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390193 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194 --- requirements.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/requirements.txt b/requirements.txt index 4306d9c..1044bac 100644 --- a/requirements.txt +++ b/requirements.txt @@ -20,3 +20,5 @@ jsonschema>=4.20.0 # Statistical models and analysis scikit-learn>=1.3.0 statsmodels>=0.14.0 +protobuf>=4.25.8 # not directly required, pinned by Snyk to avoid a vulnerability +urllib3>=2.5.0 # not directly required, pinned by Snyk to avoid a vulnerability