From 8471604e4e9a940d36272ca4d2e24e8542cc2023 Mon Sep 17 00:00:00 2001 From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com> Date: Sun, 29 Mar 2026 18:26:50 +0000 Subject: [PATCH] fix: py3_test_requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-15809188 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250 --- py3_test_requirements.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/py3_test_requirements.txt b/py3_test_requirements.txt index 80c7b64..e2873f6 100644 --- a/py3_test_requirements.txt +++ b/py3_test_requirements.txt @@ -9,3 +9,5 @@ mock==1.0.1 # git+https://github.com/spulec/moto.git@0.4.23#egg=moto moto==3.1.19 -e . +cryptography>=46.0.6 # not directly required, pinned by Snyk to avoid a vulnerability +urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability