From b85e31b34e67f4de5de2e6c34921bfa1e2d8ff5a Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 14 Jan 2026 07:36:44 +0000 Subject: [PATCH] fix: daemons/validation-scheduler-daemon/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14896210 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-14908843 --- .../validation-scheduler-daemon/requirements.txt | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) mode change 120000 => 100644 daemons/validation-scheduler-daemon/requirements.txt diff --git a/daemons/validation-scheduler-daemon/requirements.txt b/daemons/validation-scheduler-daemon/requirements.txt deleted file mode 120000 index fd1efae7..00000000 --- a/daemons/validation-scheduler-daemon/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -../../requirements.txt \ No newline at end of file diff --git a/daemons/validation-scheduler-daemon/requirements.txt b/daemons/validation-scheduler-daemon/requirements.txt new file mode 100644 index 00000000..b2e4c607 --- /dev/null +++ b/daemons/validation-scheduler-daemon/requirements.txt @@ -0,0 +1,15 @@ +alembic==1.0.0 +boto3==1.9.44 +botocore==1.12.119 +connexion==1.5.2 +cryptography==2.3.1 +dcplib>=2.0.0 +jsonschema==2.6.0 +psycopg2-binary==2.7.5 +PyJWT==1.6.4 +requests==2.20.0 +s3transfer<0.3.0,>=0.2.0 +SQLAlchemy==1.3.2 +tenacity==5.0.2 +urllib3>=2.6.3 # not directly required, pinned by Snyk to avoid a vulnerability +werkzeug>=3.1.5 # not directly required, pinned by Snyk to avoid a vulnerability