fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-BANDIT-6241859 - https://snyk.io/vuln/SNYK-PYTHON-BLACK-6256273 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-COOKIECUTTER-2414281 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-2407255 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5840584 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5871282 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5876644 - https://snyk.io/vuln/SNYK-PYTHON-GITPYTHON-6150683 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717 - https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 - https://snyk.io/vuln/SNYK-PYTHON-WHEEL-3180413
engineervix · May 12, 2024 · ea9c427 · ea9c427
1 parent e5714d5
commit ea9c427
Showing 1 changed file with 12 additions and 11 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -14,17 +14,17 @@ arrow==0.17.0
     # via jinja2-time
 attrs==20.3.0
     # via pytest
-bandit==1.7.1
+bandit==1.7.7
     # via pytest-bandit
 binaryornot==0.4.4
     # via cookiecutter
-black==21.6b0
+black==24.3.0
     # via -r requirements.in
 blessings==1.7
     # via curtsies
 bpython==0.21
     # via -r requirements.in
-certifi==2020.12.5
+certifi==2023.7.22
     # via requests
 cfgv==3.3.1
     # via pre-commit
@@ -41,7 +41,7 @@ colorama==0.4.4
     # via commitizen
 commitizen==2.20.0
     # via -r requirements.in
-cookiecutter==1.7.3
+cookiecutter==2.1.1
     # via
     #   -r requirements.in
     #   pytest-cookies
@@ -65,15 +65,15 @@ flake8==3.9.2
     # via -r requirements.in
 gitdb==4.0.7
     # via gitpython
-gitpython==3.1.24
+gitpython==3.1.41
     # via bandit
 greenlet==1.1.2
     # via bpython
 identify==1.6.2
     # via pre-commit
-idna==2.10
+idna==3.7
     # via requests
-jinja2==2.11.3
+jinja2==3.1.4
     # via
     #   commitizen
     #   cookiecutter
@@ -118,7 +118,7 @@ pycodestyle==2.8.0
     # via flake8
 pyflakes==2.4.0
     # via flake8
-pygments==2.10.0
+pygments==2.15.0
     # via bpython
 pyparsing==2.4.7
     # via packaging
@@ -150,7 +150,7 @@ questionary==1.10.0
     # via commitizen
 regex==2020.11.13
     # via black
-requests==2.26.0
+requests==2.31.0
     # via
     #   bpython
     #   cookiecutter
@@ -179,17 +179,18 @@ toml==0.10.2
     #   pytest-cov
 tomlkit==0.7.2
     # via commitizen
-urllib3==1.26.7
+urllib3==1.26.18
     # via requests
 virtualenv==20.8.1
     # via pre-commit
 wcwidth==0.2.5
     # via
     #   prompt-toolkit
     #   pytest
-wheel==0.37.0
+wheel==0.38.0
     # via pip-tools
 
 # The following packages are considered to be unsafe in a requirements file:
 # pip
 # setuptools
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability