From 679daf43b690464112681b1d000cbdc2a83b32db Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 10 Jul 2024 08:23:36 +0000 Subject: [PATCH] fix: packaging/dag/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899 --- packaging/dag/requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/packaging/dag/requirements.txt b/packaging/dag/requirements.txt index 66edabfeaab225..06ad9f3e3adde7 100644 --- a/packaging/dag/requirements.txt +++ b/packaging/dag/requirements.txt @@ -1,3 +1,4 @@ click==8.1.7 dagger-io==0.9.7 Jinja2==3.1.4 +zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability