From 03ac7e1575634bc97335360d8d93b1abb5df7b75 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 5 Sep 2024 19:05:26 +0000
Subject: [PATCH 1/2] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-TORCH-6619806
- https://snyk.io/vuln/SNYK-PYTHON-TORCH-6649934
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
- https://snyk.io/vuln/SNYK-PYTHON-WHEEL-3180413
---
 requirements.txt | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index f1643aabfb..e120dd8886 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9,10 +9,10 @@ opencv-python>=4.1.1
 Pillow>=10.3.0
 psutil  # system resources
 PyYAML>=5.3.1
-requests>=2.32.0
+requests>=2.32.2
 scipy>=1.4.1
 thop>=0.1.1  # FLOPs computation
-torch>=1.8.0  # see https://pytorch.org/get-started/locally (recommended)
+torch>=2.2.0  # see https://pytorch.org/get-started/locally (recommended)
 torchvision>=0.9.0
 tqdm>=4.66.3
 ultralytics>=8.2.34  # https://ultralytics.com
@@ -47,3 +47,6 @@ setuptools>=70.0.0 # Snyk vulnerability fix
 # mss  # screenshots
 # albumentations>=1.0.3
 # pycocotools>=2.0.6  # COCO mAP
+fonttools>=4.43.0 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
+wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability

From 8969cf1011e3c07afbbe1244d7b548e71233786e Mon Sep 17 00:00:00 2001
From: Glenn Jocher <glenn.jocher@ultralytics.com>
Date: Mon, 16 Sep 2024 16:57:42 +0200
Subject: [PATCH 2/2] Update requirements.txt

---
 requirements.txt | 5 +----
 1 file changed, 1 insertion(+), 4 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index e120dd8886..c2dc8a08bf 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -12,7 +12,7 @@ PyYAML>=5.3.1
 requests>=2.32.2
 scipy>=1.4.1
 thop>=0.1.1  # FLOPs computation
-torch>=2.2.0  # see https://pytorch.org/get-started/locally (recommended)
+torch>=1.8.0  # see https://pytorch.org/get-started/locally (recommended)
 torchvision>=0.9.0
 tqdm>=4.66.3
 ultralytics>=8.2.34  # https://ultralytics.com
@@ -47,6 +47,3 @@ setuptools>=70.0.0 # Snyk vulnerability fix
 # mss  # screenshots
 # albumentations>=1.0.3
 # pycocotools>=2.0.6  # COCO mAP
-fonttools>=4.43.0 # not directly required, pinned by Snyk to avoid a vulnerability
-urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
-wheel>=0.38.0 # not directly required, pinned by Snyk to avoid a vulnerability