fix: requirements-cli.txt to reduce vulnerabilities

snyk-bot · snyk-bot · commit fc3d4e7de9ee · 2025-02-05T06:03:31.000Z
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-7448482
diff --git a/requirements-cli.txt b/requirements-cli.txt
@@ -46,7 +46,7 @@ pip-audit                 # https://github.com/pypa/pip-audit
 #pre-commit               # https://pre-commit.com/
 #pydot                    # use tegether with cfn-lint to generate DOT file, require graphviz
 #yq                       # YAML/XML processor - jq wrapper for YAML/XML documents, https://github.com/kislyuk/yq
-setuptools>=65.5.1        # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=70.0.0        # not directly required, pinned by Snyk to avoid a vulnerability
 sympy>=1.12               # not directly required, pinned by Snyk to avoid a vulnerability
 requests>=2.32.0          # not directly required, pinned by Snyk to avoid a vulnerability
 urllib3>=2.2.2 # not directly required, pinned by Snyk to avoid a vulnerability
