From d25d29d40b00b2fceea1b4aed92a0d51c963e2ef Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 9 Nov 2021 00:12:05 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-1022152 --- requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements.txt b/requirements.txt index 22e4f1f..372c1ab 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,3 +3,4 @@ locustio >= 0.8.1 gevent >= 1.2.2 boto3 git+git://github.com/HumanCellAtlas/dcp-pyjsongen@master#egg=pyjsongen +cryptography>=3.2 # not directly required, pinned by Snyk to avoid a vulnerability