From 97f9ca3f9d2d93da46823d8de787964fd5ff0475 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 16 Nov 2022 00:02:34 +0000 Subject: [PATCH] fix: scrapers/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152 - https://snyk.io/vuln/SNYK-PYTHON-LXML-1047473 - https://snyk.io/vuln/SNYK-PYTHON-LXML-1047474 - https://snyk.io/vuln/SNYK-PYTHON-LXML-1088006 - https://snyk.io/vuln/SNYK-PYTHON-LXML-2316995 - https://snyk.io/vuln/SNYK-PYTHON-LXML-2940874 - https://snyk.io/vuln/SNYK-PYTHON-SCRAPY-1729576 - https://snyk.io/vuln/SNYK-PYTHON-SCRAPY-2414087 - https://snyk.io/vuln/SNYK-PYTHON-SCRAPY-2414471 - https://snyk.io/vuln/SNYK-PYTHON-SCRAPY-2964185 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 - https://snyk.io/vuln/SNYK-PYTHON-TWISTED-2395823 - https://snyk.io/vuln/SNYK-PYTHON-TWISTED-2440825 - https://snyk.io/vuln/SNYK-PYTHON-TWISTED-3040866 - https://snyk.io/vuln/SNYK-PYTHON-TWISTED-3084923 - https://snyk.io/vuln/SNYK-PYTHON-TWISTED-564119 - https://snyk.io/vuln/SNYK-PYTHON-TWISTED-564121 --- scrapers/requirements.txt | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/scrapers/requirements.txt b/scrapers/requirements.txt index 6d42a8c..8f5efa1 100644 --- a/scrapers/requirements.txt +++ b/scrapers/requirements.txt @@ -4,14 +4,14 @@ attrs==18.2.0 Automat==0.7.0 cffi==1.11.5 constantly==15.1.0 -cryptography==2.3.1 +cryptography==3.2 cssselect==1.0.3 hyperlink==18.0.0 idna==2.7 incremental==17.5.0 isort==4.3.4 lazy-object-proxy==1.3.1 -lxml==4.2.5 +lxml==4.9.1 mccabe==0.6.1 parsel==1.5.0 pyasn1==0.4.4 @@ -23,11 +23,12 @@ pylint==2.1.1 pyOpenSSL==18.0.0 python-dateutil==2.8.0 queuelib==1.5.0 -Scrapy==1.5.1 +Scrapy==2.6.0 service-identity==17.0.0 six==1.11.0 -Twisted==19.7.0 +Twisted==22.10.0rc1 typed-ast==1.1.0 w3lib==1.19.0 wrapt==1.10.11 zope.interface==4.5.0 +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability