From 6868d41e435d51f1f2d36785ab88b9e1af6e9a30 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 24 Dec 2025 14:26:40 +0000 Subject: [PATCH] fix: requirements.dev.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-FILELOCK-14458335 - https://snyk.io/vuln/SNYK-PYTHON-MARSHMALLOW-14550833 --- requirements.dev.txt | 2 ++ 1 file changed, 2 insertions(+) diff --git a/requirements.dev.txt b/requirements.dev.txt index 35e6f3b2..951b7b6a 100644 --- a/requirements.dev.txt +++ b/requirements.dev.txt @@ -20,3 +20,5 @@ pytest-cov==2.10.1 pytest-order==1.0.0 pytest-xdist[psutil] safety +filelock>=3.20.1 # not directly required, pinned by Snyk to avoid a vulnerability +marshmallow>=3.26.2 # not directly required, pinned by Snyk to avoid a vulnerability