From b8e940ca26246c486d6b828090e08d78f60d8e45 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Fri, 9 Jan 2026 15:45:30 +0000 Subject: [PATCH] fix: samples/server/petstore/python-flask/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-14908843 --- samples/server/petstore/python-flask/requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/samples/server/petstore/python-flask/requirements.txt b/samples/server/petstore/python-flask/requirements.txt index 70e1f0c55402..fb6f65a1287a 100644 --- a/samples/server/petstore/python-flask/requirements.txt +++ b/samples/server/petstore/python-flask/requirements.txt @@ -4,7 +4,7 @@ connexion[swagger-ui] <= 2.3.0; python_version=="3.5" or python_version=="3.4" # connexion requires werkzeug but connexion < 2.4.0 does not install werkzeug # we must peg werkzeug versions below to fix connexion # https://github.com/zalando/connexion/pull/1044 -werkzeug == 0.16.1; python_version=="3.5" or python_version=="3.4" +werkzeug==3.1.5; python_version=="3.5" or python_version=="3.4" swagger-ui-bundle >= 0.0.2 python_dateutil >= 2.6.0 setuptools >= 21.0.0