From f0d1771f910f4713073f7132af683db0bd8f001b Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 21 Dec 2023 14:49:26 +0000 Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203 --- requirements.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) mode change 100755 => 100644 requirements.txt diff --git a/requirements.txt b/requirements.txt old mode 100755 new mode 100644 index d682f15..b93e2a5 --- a/requirements.txt +++ b/requirements.txt @@ -3,4 +3,5 @@ pandas ase mpds_client shapely[vectorized] -scipy \ No newline at end of file +scipy +fonttools>=4.43.0 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file