From 109527edf2c45dc25983455fbf2d9f76623543c9 Mon Sep 17 00:00:00 2001 From: Glenn Jocher Date: Sun, 29 Oct 2023 20:07:57 +0100 Subject: [PATCH] [Snyk] Security upgrade werkzeug from 2.2.3 to 3.0.1 (#2130) fix: utils/google_app_engine/additional_requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177 Co-authored-by: snyk-bot --- utils/google_app_engine/additional_requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/utils/google_app_engine/additional_requirements.txt b/utils/google_app_engine/additional_requirements.txt index fce1511588..a29141a633 100644 --- a/utils/google_app_engine/additional_requirements.txt +++ b/utils/google_app_engine/additional_requirements.txt @@ -2,4 +2,4 @@ pip==21.1 Flask==2.3.2 gunicorn==19.10.0 -werkzeug>=2.2.3 # not directly required, pinned by Snyk to avoid a vulnerability +werkzeug>=3.0.1 # not directly required, pinned by Snyk to avoid a vulnerability