fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749 - https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389002 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2389021 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606966 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2606969 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2940618 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-2968205 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-3319450 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5496950 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5750790 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5880505 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5932095 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6041515 - https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORKSIMPLEJWT-3104636 - https://snyk.io/vuln/SNYK-PYTHON-FUTURE-3180414 - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-5426157 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
Patrowl · Jan 23, 2024 · 16d1b1d · 16d1b1d
1 parent d5f0a23
commit 16d1b1d
Showing 1 changed file with 9 additions and 8 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -3,11 +3,11 @@ Babel==2.9.1
 backports-abc==0.5
 billiard==3.6.1.0
 celery==4.4.0
-certifi==2017.4.17
+certifi==2023.7.22
 chardet==3.0.4
 coreapi==2.3.3
 coreschema==0.0.4
-Django==2.2.26
+Django==3.2.23
 #django-celery-beat==1.1.1
 django-celery-beat==2.0.0
 django-celery-results==2.0.1
@@ -20,7 +20,7 @@ django-timezone-field==4.0
 djangorestframework>=3.11.2
 djangorestframework-datatables==0.6.0
 flower==0.9.2
-future==0.16.0
+future==0.18.3
 futures==3.1.1
 gunicorn==20.0.4
 idna==2.5
@@ -43,27 +43,28 @@ python-magic==0.4.15
 #python-magic-bin==0.4.14
 python-memcached==1.59
 pytz==2019.2
-requests==2.25.1
+requests==2.31.0
 simplejson==3.16.0
 singledispatch==3.4.0.3
 six==1.10.0
-sqlparse==0.4.2
+sqlparse==0.4.4
 supervisor==4.2.1
 thehive4py==1.8.1
 tornado==5.1
 tzlocal==1.5.1
 uritemplate==3.0.0
-urllib3==1.26.5
+urllib3==1.26.18
 vine==1.3.0
-Werkzeug==2.0.1
+Werkzeug==2.3.8
 zipp==0.6.0
 django-filter==2.4.0
 django-cors-headers==3.2.0
-djangorestframework-simplejwt==4.4.0
+djangorestframework-simplejwt==5.2.2
 django-health-check==3.12.1
 psutil==5.7.0
 django-organizations==1.1.2
 django-annoying==0.10.6
 django-reset-migrations
 django-dbconn-retry
 cpe==1.2.1
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability