diff --git a/example-project/ci/requirements.txt b/example-project/ci/requirements.txt index c030647a3..321e632a3 100644 --- a/example-project/ci/requirements.txt +++ b/example-project/ci/requirements.txt @@ -2,3 +2,4 @@ c2cciutils==1.2.14 setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability certifi>=2022.12.7 # not directly required, pinned by Snyk to avoid a vulnerability requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability +urllib3>=1.26.17 # not directly required, pinned by Snyk to avoid a vulnerability diff --git a/example-project/requirements.txt b/example-project/requirements.txt index 6c4772957..415eb7f79 100644 --- a/example-project/requirements.txt +++ b/example-project/requirements.txt @@ -3,3 +3,4 @@ poetry-core>=1.1.0a7 # not directly required, pinned by Snyk to avoid a vulnerab setuptools==65.5.1 requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability certifi>=2022.12.7 # not directly required, pinned by Snyk to avoid a vulnerability +urllib3>=1.26.17 # not directly required, pinned by Snyk to avoid a vulnerability diff --git a/poetry.lock b/poetry.lock index a159f714b..d3bad06e5 100644 --- a/poetry.lock +++ b/poetry.lock @@ -2040,19 +2040,19 @@ files = [ [[package]] name = "urllib3" -version = "1.26.9" +version = "1.26.17" description = "HTTP library with thread-safe connection pooling, file post, and more." category = "main" optional = false -python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, <4" +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*, !=3.5.*" files = [ - {file = "urllib3-1.26.9-py2.py3-none-any.whl", hash = "sha256:44ece4d53fb1706f667c9bd1c648f5469a2ec925fcf3a776667042d645472c14"}, - {file = "urllib3-1.26.9.tar.gz", hash = "sha256:aabaf16477806a5e1dd19aa41f8c2b7950dd3c746362d7e3223dbe6de6ac448e"}, + {file = "urllib3-1.26.17-py2.py3-none-any.whl", hash = "sha256:94a757d178c9be92ef5539b8840d48dc9cf1b2709c9d6b588232a055c524458b"}, + {file = "urllib3-1.26.17.tar.gz", hash = "sha256:24d6a242c28d29af46c3fae832c36db3bbebcc533dd1bb549172cd739c82df21"}, ] [package.extras] -brotli = ["brotli (>=1.0.9)", "brotlicffi (>=0.8.0)", "brotlipy (>=0.6.0)"] -secure = ["certifi", "cryptography (>=1.3.4)", "idna (>=2.0.0)", "ipaddress", "pyOpenSSL (>=0.14)"] +brotli = ["brotli (==1.0.9)", "brotli (>=1.0.9)", "brotlicffi (>=0.8.0)", "brotlipy (>=0.6.0)"] +secure = ["certifi", "cryptography (>=1.3.4)", "idna (>=2.0.0)", "ipaddress", "pyOpenSSL (>=0.14)", "urllib3-secure-extra"] socks = ["PySocks (>=1.5.6,!=1.5.7,<2.0)"] [[package]] @@ -2209,4 +2209,4 @@ testing = ["func-timeout", "jaraco.itertools", "pytest (>=6)", "pytest-black (>= [metadata] lock-version = "2.0" python-versions = ">=3.8,<4.0" -content-hash = "24b842a247be5690a579baa417c51b94d6261c6b31b09d9ac8485fdd72bc8c1f" +content-hash = "f52a44a490b8eeef7b20c8516388bdf0caec21b05a91a6473447961102432c71" diff --git a/pyproject.toml b/pyproject.toml index f8d32e72c..e62f04eec 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -100,6 +100,7 @@ pyopenssl = "23.2.0" pyyaml = "6.0.1" wheel = "0.38.4" pygments = "2.15.1" +urllib3 = "1.26.17" [tool.poetry.dev-dependencies] prospector = { version = "1.7.7", extras = [ diff --git a/requirements.txt b/requirements.txt index 137a4d4d3..e7de98549 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,3 +4,4 @@ poetry-dynamic-versioning[plugin]==0.20.0 poetry-plugin-tweak-dependencies-version==1.3.0 requests>=2.31.0 # not directly required, pinned by Snyk to avoid a vulnerability certifi>=2022.12.7 # not directly required, pinned by Snyk to avoid a vulnerability +urllib3>=1.26.17 # not directly required, pinned by Snyk to avoid a vulnerability