fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505 - https://snyk.io/vuln/SNYK-PYTHON-PYYAML-559098 - https://snyk.io/vuln/SNYK-PYTHON-PYYAML-590151 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-1533435
2022-02-16 07:17:07 +00:00 · 2022-02-16 07:17:07 +00:00 · b20613bf6a
parent 5ec5714dee
commit b20613bf6a
1 changed files with 3 additions and 2 deletions
--- a/requirements.txt
+++ b/requirements.txt
@ -1,8 +1,9 @@
 cookiecutter==1.6.0
 click==7.0
 fire==0.2.1
-pyyaml==5.2
-Pygments==2.5.2
+pyyaml==5.4
+Pygments==2.7.4
 requests==2.22.0
 colorama==0.4.3
 appdirs==1.4.3
+urllib3>=1.26.5 # not directly required, pinned by Snyk to avoid a vulnerability