From 62e8a4ef67ef593f89e5b8d5759036e8330c087a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 1 Jun 2026 05:29:24 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-IDNA-16769942 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-MARKDOWN-15428352 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-15746419 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-10305723 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-15763443 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-9964606 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250 - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- requirements.txt | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/requirements.txt b/requirements.txt index ae8dde5..ed5868b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -9,32 +9,33 @@ cloudpickle==1.6.0 docutils==0.17.1 doit==0.33.1 Flask -idna==2.10 +idna==3.15 importlib-metadata==4.5.0 itsdangerous==2.1.2 Jinja2==3.1.2 livereload==2.6.3 lxml==4.9.1 Mako==1.2.2 -Markdown==3.3.4 +Markdown==3.8.1 MarkupSafe==2.1.1 natsort==7.1.1 Nikola==8.1.3 piexif==1.1.3 Pillow==11.3.0 -Pygments==2.9.0 +Pygments==2.20.0 pyinotify==0.9.6 PyRSS2Gen==1.1 python-dateutil==2.8.1 pytz==2021.1 -requests==2.25.1 +requests==2.33.0 six==1.16.0 tornado==6.1 typing-extensions==3.10.0.0 Unidecode==1.2.0 -urllib3==1.26.5 +urllib3==2.5.0 Werkzeug==2.3.3 Yapsy==1.12.2 -zipp==3.4.1 +zipp==3.19.1 aiohttp watchdog +setuptools>=78.1.1 # not directly required, pinned by Snyk to avoid a vulnerability