From be6a06fa039daac2c64e72d4c2f1f5e26e979f8c Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 13 Feb 2024 08:41:50 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6050294 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6126975 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6149518 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6157248 - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6210214 --- requirements.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index cfb03866d..7bb2c0f81 100644 --- a/requirements.txt +++ b/requirements.txt @@ -16,4 +16,5 @@ xgboost>=1.5.0 #TODO: Add Redshift packages to requirements once these are available on prod rudder-sources. snowflake_connector_python>=3.1.0 snowflake-snowpark-python[pandas]>=0.10.0 -setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability +cryptography>=42.0.2 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file