From cc4a4fe6dec3e86be4abb48942d0e339d2279662 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 20 Jul 2024 01:00:04 +0000
Subject: [PATCH] fix:
 packages/python/plotly/test_requirements/requirements_36_optional.txt to
 reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-ANYIO-7361842
- https://snyk.io/vuln/SNYK-PYTHON-FIONA-7462744
- https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-2348630
- https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-3318382
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862881
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-5862882
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-6099119
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERSERVER-7217832
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321969
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PROMPTTOOLKIT-6141120
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5756497
- https://snyk.io/vuln/SNYK-PYTHON-SCIPY-5759266
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5537286
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-5840803
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217828
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-7217829
- https://snyk.io/vuln/SNYK-PYTHON-ZIPP-7430899
---
 .../test_requirements/requirements_36_optional.txt  | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/packages/python/plotly/test_requirements/requirements_36_optional.txt b/packages/python/plotly/test_requirements/requirements_36_optional.txt
index 8c33824da66..d48f8c0aa98 100644
--- a/packages/python/plotly/test_requirements/requirements_36_optional.txt
+++ b/packages/python/plotly/test_requirements/requirements_36_optional.txt
@@ -1,17 +1,17 @@
 requests==2.12.4
 tenacity==6.2.0
 pandas==0.24.2
-numpy==1.19.5
+numpy==1.22.2
 xarray==0.10.9
 statsmodels==0.10.2
 pillow==5.2.0
 pytest==3.5.1
 pytz==2016.10
-ipython[all]==5.1.0
+ipython==8.10.0
 ipywidgets==7.2.0
 ipykernel==4.8.2
 jupyter==1.0.0
-scipy==1.2.3
+scipy==1.10.0rc1
 shapely==1.7.0
 geopandas==0.3.0
 pyshp==1.2.10
@@ -19,3 +19,10 @@ matplotlib==2.2.3
 scikit-image==0.14.4
 psutil==5.7.0
 kaleido
+anyio>=4.4.0 # not directly required, pinned by Snyk to avoid a vulnerability
+fiona>=1.10b2 # not directly required, pinned by Snyk to avoid a vulnerability
+jupyter-server>=2.14.1 # not directly required, pinned by Snyk to avoid a vulnerability
+prompt-toolkit>=3.0.13 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=70.0.0 # not directly required, pinned by Snyk to avoid a vulnerability
+tornado>=6.4.1 # not directly required, pinned by Snyk to avoid a vulnerability
+zipp>=3.19.1 # not directly required, pinned by Snyk to avoid a vulnerability