[Snyk] Fix for 3 vulnerabilities

fix: requirements.txt to reduce vulnerabilities
The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-10305723 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390193 - https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194
2025-09-13 14:20:22 -03:00 · 2025-07-12 10:32:05 +00:00
4 changed files with 5 additions and 4 deletions
--- a/.github/workflows/codecov.yaml
+++ b/.github/workflows/codecov.yaml
@ -15,6 +15,6 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-    - uses: actions/checkout@v4    
+    - uses: actions/checkout@v3    
    - name: Upload coverage reports to Codecov
      uses: codecov/codecov-action@v3
--- a/.github/workflows/python-app.yml
+++ b/.github/workflows/python-app.yml
@ -15,7 +15,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@v3
    - name: Set up Python 3.11
      uses: actions/setup-python@v4
      with:
--- a/.github/workflows/static.yml
+++ b/.github/workflows/static.yml
@ -29,7 +29,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
      - name: Setup Pages
        uses: actions/configure-pages@v3
      - name: Upload artifact
--- a/requirements.txt
+++ b/requirements.txt
@ -4,4 +4,5 @@ discord.py==2.2.2
 emoji==2.2.0
 prettytable==3.6.0
 psutil==5.9.4
-requests==2.28.2
+requests==2.32.4
+urllib3>=2.5.0 # not directly required, pinned by Snyk to avoid a vulnerability