Merge pull request #630 from harshad16/fix-cve-jupyter-server-proxy

Pinned down jupyter-server-proxy for cve fixes

Author: openshift-merge-bot[bot]

habana/1.10.0/ubi8-python-3.8/Pipfile

@@ -33,7 +33,7 @@ pybind11 = "==2.6.2"
 elyra-pipeline-editor-extension = "~=3.15.0"
 elyra-python-editor-extension = "~=3.15.0"
 elyra-code-snippet-extension = "~=3.15.0"
-kfp-tekton = "<1.6.0"
+kfp-tekton = "==1.5.7" # pinned to avoid upgrade of pyyaml which is required.
 boto3 = "~=1.26.165"
 kafka-python = "~=2.0.2"
 matplotlib = "~=3.6.3"
@@ -45,18 +45,24 @@ scipy = "~=1.10.1"
 jupyter-bokeh = "~=3.0.5"
 jupyterlab-lsp = "~=3.10.2"
 jupyterlab-widgets = "~=3.0.5"
-jupyter-resource-usage = "~=0.6.0"
+jupyter-resource-usage = "~=0.7.2"
 
 # Parent image requirements to maintain cohesion
 jupyterlab = "~=3.5.3"
 jupyter-server = "~=2.1.0"
-jupyter-server-proxy = "~=3.2.2"
+jupyter-server-proxy = "~=3.2.4"
 jupyter-server-terminals = "~=0.4.4"
 jupyterlab-git = "~=0.41.0"
 nbdime = "~=3.1.1"
 nbgitpuller = "~=1.1.1"
 # ---
 wheel = "~=0.38.4"
 
+# conflict between python-lsp-server and following packages
+# due to pycodestyle dependency, pinning this, till we get 
+# a fix from python-lsp-server 
+autopep8 = "~=2.0.4"
+flake8 = "~=7.0.0"
+
 [requires]
 python_version = "3.8"