Update requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-AZURESTORAGEBLOB-2949173 - https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203 - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382 - https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-2928995 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966 - https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512
equinor · Feb 7, 2024 · b1d710a · b1d710a
1 parent b10bb6f
commit b1d710a
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -4,5 +4,10 @@ numpy==1.22.3
 matplotlib==3.5.1
 scipy==1.7.3
 jupyter==1.0.0
-notebook==6.4.11
-azure-storage-blob==12.12.0
+notebook==6.4.12
+azure-storage-blob==12.13.0
+fonttools>=4.43.0 # not directly required, pinned by Snyk to avoid a vulnerability
+ipython>=8.10.0 # not directly required, pinned by Snyk to avoid a vulnerability
+pillow>=10.2.0 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
+tornado>=6.3.3 # not directly required, pinned by Snyk to avoid a vulnerability