From fe3745b5e8c22ed6a82f14d639b5b8c24789bfd0 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 17 Apr 2024 05:38:18 +0000 Subject: [PATCH] fix: requirements/requirements-dev.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674 --- requirements/requirements-dev.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/requirements/requirements-dev.txt b/requirements/requirements-dev.txt index aace22d..d600bea 100644 --- a/requirements/requirements-dev.txt +++ b/requirements/requirements-dev.txt @@ -2,4 +2,5 @@ Django==4.1.3 psycopg2-binary==2.9.5 djangorestframework==3.14.0 python-dotenv -gunicorn \ No newline at end of file +gunicorn +sqlparse>=0.5.0 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file