From 41a028e441fef91da58f65197da015f5212425a9 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 11 Jul 2024 20:23:09 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JOBLIB-3027033
- https://snyk.io/vuln/SNYK-PYTHON-NLTK-1053952
- https://snyk.io/vuln/SNYK-PYTHON-NLTK-1660190
- https://snyk.io/vuln/SNYK-PYTHON-NLTK-1932014
- https://snyk.io/vuln/SNYK-PYTHON-NLTK-2313655
- https://snyk.io/vuln/SNYK-PYTHON-NLTK-5926697
- https://snyk.io/vuln/SNYK-PYTHON-NLTK-5926698
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5756497
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5759266
- https://snyk.io/vuln/SNYK-PYTHON-TQDM-6807582
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 requirements.txt | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 00776629..e280eee9 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,16 +1,16 @@
 typer>=0.4.0
 pandas>=0.23.1
-tqdm>=4.0.0
-numpy>=1.18.4
-scipy>=1.1.0
+tqdm>=4.66.3
+numpy>=1.22.2
+scipy>=1.10.0rc1
 scikit-learn>=1.0.2
 ftfy>=4.4.0
 spacy>=3.0.0
 pytest>=3.6.3
 h5py>=2.8.0
-joblib>=0.12.0
+joblib>=1.1.1
 bs4>=0.0.1
-nltk>=3.2.4
+nltk>=3.8.1
 regex>=2019.03.12
 lxml>=4.3.3
 tqdl==0.0.4
@@ -20,3 +20,4 @@ tensorflow-addons==0.16.1
 tensorflow-estimator==2.11.0
 psutil==5.7.0
 transformers==4.36.2
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability