From 724289e62c4db21e681a6982efa92ff5c5f9e453 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 9 Aug 2024 11:53:49 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-5595532
- https://snyk.io/vuln/SNYK-PYTHON-SCIKITLEARN-1079100
- https://snyk.io/vuln/SNYK-PYTHON-SCIKITLEARN-3186293
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5756497
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5759266
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
---
 requirements.txt | 13 ++++++++-----
 1 file changed, 8 insertions(+), 5 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index be610b1..764f1dc 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,8 +1,11 @@
-numpy>=1.15.0
+numpy>=1.22.2
 python-dateutil>=2.7.3
-requests>=2.19.1
+requests>=2.31.0
 tensorflow>=1.10
 pandas>=0.23.4
-scikit-learn>=0.19.2
-scipy>=1.1.0
-matplotlib>=2.2.3
\ No newline at end of file
+scikit-learn>=0.24.2
+scipy>=1.10.0rc1
+matplotlib>=2.2.3
+certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
+idna>=3.7 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file