From c9b4e184c6331b5158dc8ec40f3c09eb69b1974e Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Mon, 15 Dec 2025 09:14:18 +0000 Subject: [PATCH] fix: workflow/requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-14151621 --- workflow/requirements.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/workflow/requirements.txt b/workflow/requirements.txt index e3fe83e..a0cbaba 100644 --- a/workflow/requirements.txt +++ b/workflow/requirements.txt @@ -5,4 +5,5 @@ scipy cvxopt PyYAML pytest -pytest-cov \ No newline at end of file +pytest-cov +fonttools>=4.61.0 # not directly required, pinned by Snyk to avoid a vulnerability \ No newline at end of file