From c82ee917d3e524f32b4120282e449f113bfa1256 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 1 Aug 2024 02:52:50 +0000
Subject: [PATCH] fix: requirements_py38.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
---
 requirements_py38.txt | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/requirements_py38.txt b/requirements_py38.txt
index 7d8191224..92867451f 100644
--- a/requirements_py38.txt
+++ b/requirements_py38.txt
@@ -2,10 +2,13 @@ ansicolors==1.1.8
 docker==5.0.2
 h5py==2.10.0
 matplotlib==3.3.4
-numpy==1.19.5
+numpy==1.22.2
 pyyaml==5.4
 psutil==5.6.6
 scipy==1.5.4
 scikit-learn
 jinja2==2.10.1
 pandas==1.1.5
+pillow>=10.3.0 # not directly required, pinned by Snyk to avoid a vulnerability
+requests>=2.32.2 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability