fix: requirements-dev.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382 - https://snyk.io/vuln/SNYK-PYTHON-PROMPTTOOLKIT-6141120 - https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273 - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
Crown-Commercial-Service · Feb 18, 2024 · 279facd · 279facd
1 parent 294097e
commit 279facd
Showing 1 changed file with 4 additions and 3 deletions.
diff --git a/requirements-dev.txt b/requirements-dev.txt
@@ -36,7 +36,7 @@ idna==2.9
     # via
     #   -c requirements.txt
     #   requests
-ipython==7.16.3
+ipython==8.10.0
     # via -r requirements-dev.in
 ipython-genutils==0.2.0
     # via
@@ -62,7 +62,7 @@ pickleshare==0.7.5
     # via ipython
 pluggy==0.13.1
     # via pytest
-prompt-toolkit==3.0.3
+prompt-toolkit==3.0.13
     # via ipython
 ptyprocess==0.6.0
     # via pexpect
@@ -72,7 +72,7 @@ pycodestyle==2.8.0
     # via flake8
 pyflakes==2.4.0
     # via flake8
-pygments==2.7.4
+pygments==2.15.0
     # via ipython
 pyparsing==2.4.6
     # via packaging
@@ -110,3 +110,4 @@ wcwidth==0.1.8
 
 # The following packages are considered to be unsafe in a requirements file:
 # setuptools
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability