From 27918f6c24736e63ca9425f6024d9f79f4238a15 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Tue, 9 Dec 2025 10:26:48 +0000 Subject: [PATCH] fix: backend/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157807 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157810 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-14157217 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192442 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192443 --- backend/requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/backend/requirements.txt b/backend/requirements.txt index 07eab2470..bad1f138a 100644 --- a/backend/requirements.txt +++ b/backend/requirements.txt @@ -2,7 +2,7 @@ certifi==2019.3.9 chardet==3.0.4 coreapi==2.3.3 coreschema==0.0.4 -django==2.1.7 +django==4.2.27 djangorestframework-simplejwt==4.3.0 django-cors-headers==3.0.0 django-rest-swagger==2.2.0 @@ -18,11 +18,11 @@ PyJWT==1.7.1 pytz==2019.1 requests==2.21.0 simplejson==3.16.0 -sqlparse==0.3.0 +sqlparse==0.5.4 uritemplate==3.0.0 psycopg2-binary==2.8.2 django-debug-toolbar==1.11 djoser==1.5.1 # latest compatible version of urllib3 -urllib3==1.24.3 +urllib3==2.6.0