fix: pip-requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
qld-gov-au · Jul 10, 2024 · 18e3ef7 · 18e3ef7
1 parent 40dbc60
commit 18e3ef7
Showing 1 changed file with 7 additions and 1 deletion.
diff --git a/pip-requirements.txt b/pip-requirements.txt
diff --git a/pip-requirements.txt b/pip-requirements.txt
@@ -0,0 +1,7 @@
+ckantoolkit>=0.0.7
+pika>=1.1.0,<1.3.0
+enum34; python_version < '3.0'  # Required by pika
+redis
+requests>=2.11.1
+six>=1.12.0
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability