From 641f58e367802daa936a0c5f3de7a0a07ed06cc9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Sun, 7 Dec 2025 10:55:31 +0000 Subject: [PATCH] fix: backend/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157807 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157810 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-14157217 --- backend/requirements.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/backend/requirements.txt b/backend/requirements.txt index b4e7ffe3b..b2d69469b 100644 --- a/backend/requirements.txt +++ b/backend/requirements.txt @@ -1,5 +1,5 @@ coreapi==2.3.3 -Django==1.11 +Django==4.2.27 django-cors-headers==2.1.0 django-debug-toolbar==1.5 django-extensions==1.7.7 @@ -15,3 +15,4 @@ nose>=1.3.7 django-nose>=1.4.5 coverage>=4.4.2 +sqlparse>=0.5.4 # not directly required, pinned by Snyk to avoid a vulnerability