From cd314f3d71f941606f1383f444ecad49f0e492b3 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 14 Dec 2025 07:54:14 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-14151621 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192442 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192443 --- requirements.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/requirements.txt b/requirements.txt index a0e7953d147..6054d52b20e 100644 --- a/requirements.txt +++ b/requirements.txt @@ -66,3 +66,5 @@ Unidecode>=1.3.4 weasyprint>=53 xml2rfc>=3.12.4 xym>=0.6,<1.0 +fonttools>=4.61.0 # not directly required, pinned by Snyk to avoid a vulnerability +urllib3>=2.6.0 # not directly required, pinned by Snyk to avoid a vulnerability