From f2c2aaa9ac36663823cb57070cebd10729049673 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 21 May 2025 10:22:08 +0000 Subject: [PATCH] fix: docker/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-10176059 - https://snyk.io/vuln/SNYK-PYTHON-TRANSFORMERS-10185677 --- docker/requirements.txt | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docker/requirements.txt b/docker/requirements.txt index 3a58482..9092881 100644 --- a/docker/requirements.txt +++ b/docker/requirements.txt @@ -2,6 +2,7 @@ ftfy==6.1.1 onnx==1.12.0 onnxruntime==1.12.1 streamlit==1.13.0 -transformers==4.22.2 +transformers==4.50.0 diffusers==0.4.0 -torch==1.10.0+cpu \ No newline at end of file +torch==1.10.0+cpu +tornado>=6.5 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file