Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Adding packages in requirements to satisfy snyk vulnerabilities #242

Merged
merged 6 commits into from
Apr 2, 2024

Conversation

joker2411
Copy link
Collaborator

Description of the change

'cryptography' and 'pillow' module versions can be vulnerable (suggested by snyk). So, adding them in requirements to keep a check on those.
Link of snyk PRs: (#196 ), (#163 )

Type of change

  • Bug fix (non-breaking change that fixes an issue)
  • New feature (non-breaking change that adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)

Related issues

Fix #1

Checklists

Development

  • Lint rules pass locally
  • The code changed/added as part of this pull request has been covered with tests
  • All tests related to the changed code pass in development

Code review

  • This pull request has a descriptive title and information useful to a reviewer. There may be a screenshot or screencast attached
  • "Ready for review" label attached to the PR and reviewers mentioned in a comment
  • Changes have been reviewed by at least one other engineer
  • Issue from task tracker has a link to this pull request

@joker2411 joker2411 marked this pull request as ready for review April 1, 2024 09:57
@joker2411 joker2411 requested a review from shekhar-rudder April 1, 2024 09:57
requirements.txt Outdated Show resolved Hide resolved
@joker2411 joker2411 merged commit da64ccc into main Apr 2, 2024
6 checks passed
@joker2411 joker2411 deleted the feature/prml-453-handle-snyk-prs branch April 2, 2024 06:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants