From 093a86c631e0e0860e863dea4f01344f9cc8a3e4 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 7 Aug 2024 18:34:13 +0000
Subject: [PATCH] fix: pip-sample/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-6928867
- https://snyk.io/vuln/SNYK-PYTHON-SCIKITLEARN-7217830
- https://snyk.io/vuln/SNYK-PYTHON-TQDM-6807582
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
---
 pip-sample/requirements.txt | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/pip-sample/requirements.txt b/pip-sample/requirements.txt
index b84c8755..bad27191 100644
--- a/pip-sample/requirements.txt
+++ b/pip-sample/requirements.txt
@@ -8,7 +8,7 @@ feedparser==6.0.11
 beautifulsoup4==4.12.3
 fsspec==2024.2.0
 s3fs==0.4.2
-scikit-learn==1.4.1.post1
+scikit-learn==1.5.0
 db-sqlite3==0.0.1
 nltk==3.8.1
 httpx==0.27.0
@@ -24,6 +24,7 @@ scipy==1.10.1
 keras==3.2.1
 tensorflow==2.16.1
 tf-keras==2.16.0
-requests==2.31.0
-tqdm==4.66.2
-numpy==1.26.4
\ No newline at end of file
+requests==2.32.2
+tqdm==4.66.3
+numpy==1.26.4
+urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file