Merge pull request #817 from GSA/snyk-update

snyk update
GSA · Feb 28, 2025 · e43185f · e43185f
2 parents 6702658 + a45b5b7
commit e43185f
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 66 deletions.
diff --git a/.snyk b/.snyk
@@ -2,76 +2,12 @@
 version: v1.25.0
 # ignores vulnerabilities until expiry date; change duration by modifying expiry date
 ignore:
-  SNYK-PYTHON-WERKZEUG-6035177:
-    - '*':
-        reason: >-
-          Upgrade path is complex, Issue tracked in github:
-          https://github.com/GSA/data.gov/issues/4217
-        expires: 2025-02-28T19:29:54.032Z
-        created: 2023-11-01T13:35:17.972Z
-  SNYK-PYTHON-BEAKER-575115:
-    - '*':
-        reason: >-
-          No remediation available yet; Not affecting us since the storage is
-          not accessible to any other client
-        expires: 2025-02-28T19:29:54.032Z
-        created: 2022-12-08T16:20:58.023Z
-  SNYK-PYTHON-WERKZEUG-3319936:
-    - '*':
-        reason: >-
-          Upgrade path is complex, Issue tracked in github:
-          https://github.com/GSA/data.gov/issues/4217
-        expires: 2025-02-28T19:29:54.032Z
-        created: 2023-02-15T16:20:58.023Z
-  SNYK-PYTHON-WERKZEUG-3319935:
-    - '*':
-        reason: >-
-          Upgrade path is complex, Issue tracked in github:
-          https://github.com/GSA/data.gov/issues/4217
-        expires: 2025-02-28T16:20:58.017Z
-        created: 2023-02-15T16:20:58.023Z
-  SNYK-PYTHON-FLASK-5490129:
-    - '*':
-        reason: >-
-          Upgrade path is complex, Issue tracked in github:
-          https://github.com/GSA/data.gov/issues/4303
-        expires: 2025-02-28T19:29:54.032Z
-        created: 2023-05-08T16:20:58.023Z
-  SNYK-PYTHON-PYOPENSSL-6149520:
-    - '*':
-        reason: >-
-          No remediation available yet; Issue tracked in github:
-          https://github.com/GSA/data.gov/issues/4532
-        expires: 2025-02-28T19:29:54.032Z
-        created: 2024-01-11T19:29:54.039Z
-  SNYK-PYTHON-PYOPENSSL-6592766:
-    - '*':
-        reason: >-
-          No remediation available yet; Low severity.
-        expires: 2025-02-28T17:24:47.251Z
-        created: 2024-04-24T17:24:47.257Z
-  SNYK-PYTHON-WERKZEUG-6808933:
-    - '*':
-        reason: >-
-           Not affecting us since no debugger is enabled in cloud.gov apps
-        expires: 2025-02-28T19:29:54.032Z
-  SNYK-PYTHON-WERKZEUG-8309091:
-    - '*':
-        reason: >-
-           Not affecting us since it only affects Windows systems
-        expires: 2025-04-30T16:20:58.017Z
-  SNYK-PYTHON-WERKZEUG-8309092:
-    - '*':
-        reason: >-
-           Issue created and triaged. GitHub issue:
-           https://github.com/GSA/data.gov/issues/4951
-        expires: 2025-04-30T16:20:58.017Z
   SNYK-PYTHON-CKAN-8689473:
     - '*':
         reason: >-
            Issue created and triaged. GitHub issue:
            https://github.com/GSA/data.gov/issues/5071
-        expires: 2025-03-07T16:20:58.017Z
+        expires: 2025-03-31T16:20:58.017Z
 patch: {}
 # specify the directories or files to be excludeed from import:
 exclude:

diff --git a/requirements.txt b/requirements.txt
@@ -94,7 +94,7 @@ urllib3==2.3.0
 watchdog==6.0.0
 webassets==2.0
 webencodings==0.5.1
-Werkzeug==3.0.3
+Werkzeug==3.0.6
 wheel==0.42.0
 WTForms==3.2.1
 xlrd==2.0.1