From ed449636c8290ab544d8a8025d467c061961205d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 15 Jun 2024 01:23:39 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-FUTURE-3180414
- https://snyk.io/vuln/SNYK-PYTHON-GRPCIO-5834443
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-IMAGECODECS-5934088
- https://snyk.io/vuln/SNYK-PYTHON-NETWORKX-1062709
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1055461
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1055462
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1059090
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1080635
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1080654
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1081494
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1081501
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1081502
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1082329
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1082750
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090584
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090586
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090587
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1090588
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1292150
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1292151
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1316216
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1319443
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-1727377
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2329135
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331901
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331905
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2331907
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-2397241
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-3113875
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-3113876
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866
- https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-3031740
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-RSA-1038401
- https://snyk.io/vuln/SNYK-PYTHON-RSA-570831
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5756497
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5759266
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6035177
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-6808933
- https://snyk.io/vuln/SNYK-PYTHON-WHEEL-3180413
---
 requirements.txt | 30 ++++++++++++++++--------------
 1 file changed, 16 insertions(+), 14 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 33176fc..02ea4c0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,21 +1,21 @@
 absl-py==0.9.0
 astunparse==1.6.3
 cachetools==4.1.0
-certifi==2020.4.5.1
+certifi==2023.7.22
 chardet==3.0.4
 cloudpickle==1.3.0
 cycler==0.10.0
 decorator==4.4.2
-future==0.18.2
+future==0.18.3
 gast==0.3.3
 google-auth==1.15.0
 google-auth-oauthlib==0.4.1
 google-pasta==0.2.0
-grpcio==1.29.0
+grpcio==1.53.2
 gym==0.17.2
 h5py==2.10.0
-idna==2.9
-imagecodecs==2020.2.18
+idna==3.7
+imagecodecs==2023.9.18
 imageio==2.8.0
 importlib-metadata==1.6.0
 Keras==2.3.1
@@ -24,12 +24,12 @@ Keras-Preprocessing==1.1.2
 kiwisolver==1.2.0
 Markdown==3.2.2
 matplotlib==3.2.1
-networkx==2.4
-numpy==1.18.4
+networkx==2.6
+numpy==1.22.2
 oauthlib==3.1.0
 opt-einsum==3.2.1
-Pillow==7.1.2
-protobuf==3.12.0
+Pillow==10.3.0
+protobuf==3.18.3
 pyasn1==0.4.8
 pyasn1-modules==0.2.8
 pygame==2.0.0.dev9
@@ -38,11 +38,11 @@ pyparsing==2.4.7
 python-dateutil==2.8.1
 PyWavelets==1.1.1
 PyYAML==5.3.1
-requests==2.23.0
+requests==2.32.2
 requests-oauthlib==1.3.0
-rsa==4.0
+rsa==4.7
 scikit-image==0.17.2
-scipy==1.4.1
+scipy==1.10.0rc1
 six==1.14.0
 tensorboard==2.2.1
 tensorboard-plugin-wit==1.6.0.post3
@@ -50,7 +50,9 @@ tensorflow==2.2.0
 tensorflow-estimator==2.2.0
 termcolor==1.1.0
 tifffile==2020.5.11
-urllib3==1.25.9
-Werkzeug==1.0.1
+urllib3==1.26.18
+Werkzeug==3.0.3
 wrapt==1.12.1
 zipp==3.1.0
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
+wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability