From 140867bb2f7905109114a92375fa60b6b02594a6 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 16 Nov 2022 19:03:16 +0000 Subject: [PATCH] fix: openmtc-gevent/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3113904 --- openmtc-gevent/requirements.txt | 28 +++++++++++++++++++++++++++- 1 file changed, 27 insertions(+), 1 deletion(-) mode change 120000 => 100644 openmtc-gevent/requirements.txt diff --git a/openmtc-gevent/requirements.txt b/openmtc-gevent/requirements.txt deleted file mode 120000 index 0a43c47..0000000 --- a/openmtc-gevent/requirements.txt +++ /dev/null @@ -1 +0,0 @@ -dependencies.txt \ No newline at end of file diff --git a/openmtc-gevent/requirements.txt b/openmtc-gevent/requirements.txt new file mode 100644 index 0000000..819436c --- /dev/null +++ b/openmtc-gevent/requirements.txt @@ -0,0 +1,27 @@ +# Don't install via the operating system's package manager +# Install all dependencies via the "pip" tool +# e.g. $ sudo pip install urllib3 +# or $ sudo pip install --requirement dependencies.txt + +urllib3 +gevent>=1.1 +iso8601>=0.1.5 +werkzeug>=0.9 +funcy +netifaces +decorator +mimeparse +gevent_websocket +python_socketio>=1.7.5 +flask +geventhttpclient +enum34 +blist +simplejson +ujson +pymongo +paho-mqtt +coapthon +rdflib +yapps +setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability