urllib3 dependency in fbpcp and fbpcs (facebookresearch#2347)

Summary: X-link: facebookresearch/fbpcp#524 # Context T165465797 and T165465798 ## Reference on security vulnerability in a package dependency GHSA-v845-jxx5-vc9f urllib3/urllib3@0122035 urllib3/urllib3@644124e GHSA-v845-jxx5-vc9f # What fix security vulnerability in a package dependency defined in the repository, facebookresearch/fbpcp and fbpcs Reviewed By: ajinkya-ghonge Differential Revision: D49893672
anthonyzhang25 · Oct 4, 2023 · bc8adb6 · bc8adb6
1 parent 24f428e
commit bc8adb6
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/fbpcs/pip_requirements.txt b/fbpcs/pip_requirements.txt
@@ -3,7 +3,7 @@ botocore==1.21.65
 cython==0.29.30 # required by thriftpy2 setup
 dataclasses-json==0.5.2 # fbpcp requires this version, so we must as well
 docopt>=0.6.2
-fbpcp~=0.6 # depending on: boto3, botocore
+fbpcp~=0.6.1 # depending on: boto3, botocore
 marshmallow==3.5.1
 networkx>=2.6.3
 requests>=2.26.0
@@ -13,6 +13,6 @@ thriftpy2==0.4.14
 pytz>=2022.1
 thrift>=0.16.0 # logging_service client requires this
 tqdm==4.55.1 # fbpcp requires this version, so we must as well
-urllib3==1.26.7 # fbpcp requires this version, so we must as well
+urllib3==1.26.17 # fbpcp requires this version, so we must as well
 fastapi==0.93.0 # required by smart agent setup
 uvicorn==0.20.0 # required by smart agent setup