From c673859b21cf5a392721941b235993a89730358d Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 3 Oct 2024 08:24:25 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-JSONPICKLE-8136229 --- requirements.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/requirements.txt b/requirements.txt index 43d997511..8c41e6601 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,3 +4,4 @@ rasa==2.8.21 # NB! when updating, make sure to also update: -r actions/requirements-actions.txt pytablewriter python-dotenv~=0.15.0 +jsonpickle>=3.3.0 # not directly required, pinned by Snyk to avoid a vulnerability