From 07b9249cda3a3e078d11cf7f6ef8759d8fd513ac Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 15 Feb 2024 03:54:51 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-6133203
- https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862881
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862882
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-6099119
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-5918878
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6182918
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219984
- https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6219986
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512
---
 requirements.txt | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index f97cea17..97afe5b7 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -18,4 +18,9 @@ notebook>=6.1.5 # not directly required, pinned by Snyk to avoid a vulnerability
 pygments>=2.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
 
 mistune>=2.0.1 # not directly required, pinned by Snyk to avoid a vulnerability
-ipython>=7.16.3 # not directly required, pinned by Snyk to avoid a vulnerability
+ipython>=8.10.0 # not directly required, pinned by Snyk to avoid a vulnerability
+fonttools>=4.43.0 # not directly required, pinned by Snyk to avoid a vulnerability
+jupyter-server>=2.11.2 # not directly required, pinned by Snyk to avoid a vulnerability
+numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability
+pillow>=10.2.0 # not directly required, pinned by Snyk to avoid a vulnerability
+tornado>=6.3.3 # not directly required, pinned by Snyk to avoid a vulnerability