From acd16821ed489cdd4313900179668ba18bb15f40 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 27 Jul 2024 14:38:02 +0000
Subject: [PATCH] fix:
 components/example-notebook-servers/jupyter-tensorflow-full/requirements.txt
 to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-3164749
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-5805047
- https://snyk.io/vuln/SNYK-PYTHON-CERTIFI-7430173
- https://snyk.io/vuln/SNYK-PYTHON-IPYTHON-2348630
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6150717
- https://snyk.io/vuln/SNYK-PYTHON-JINJA2-6809379
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERCORE-3063766
- https://snyk.io/vuln/SNYK-PYTHON-MISTUNE-2940625
- https://snyk.io/vuln/SNYK-PYTHON-NBCONVERT-2979829
- https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-1041707
- https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-2441824
- https://snyk.io/vuln/SNYK-PYTHON-NOTEBOOK-2928995
- https://snyk.io/vuln/SNYK-PYTHON-PROMPTTOOLKIT-6141120
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1086606
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-1088505
- https://snyk.io/vuln/SNYK-PYTHON-PYGMENTS-5750273
---
 .../jupyter-tensorflow-full/requirements.txt             | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/components/example-notebook-servers/jupyter-tensorflow-full/requirements.txt b/components/example-notebook-servers/jupyter-tensorflow-full/requirements.txt
index 8d1a47dba67..005847ca73f 100644
--- a/components/example-notebook-servers/jupyter-tensorflow-full/requirements.txt
+++ b/components/example-notebook-servers/jupyter-tensorflow-full/requirements.txt
@@ -17,3 +17,12 @@ scikit-learn==0.24.2
 scipy==1.7.0
 seaborn==0.11.1
 xgboost==1.4.2
+certifi>=2024.7.4 # not directly required, pinned by Snyk to avoid a vulnerability
+ipython>=7.16.3 # not directly required, pinned by Snyk to avoid a vulnerability
+jinja2>=3.1.4 # not directly required, pinned by Snyk to avoid a vulnerability
+jupyter-core>=4.11.2 # not directly required, pinned by Snyk to avoid a vulnerability
+mistune>=2.0.3 # not directly required, pinned by Snyk to avoid a vulnerability
+nbconvert>=6.3.0b0 # not directly required, pinned by Snyk to avoid a vulnerability
+notebook>=6.4.12 # not directly required, pinned by Snyk to avoid a vulnerability
+prompt-toolkit>=3.0.13 # not directly required, pinned by Snyk to avoid a vulnerability
+pygments>=2.15.0 # not directly required, pinned by Snyk to avoid a vulnerability