fix: requirements-demo.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6043904 - https://snyk.io/vuln/SNYK-PYTHON-TORNADO-6041512
ulf1 · Nov 3, 2023 · e4052a5 · e4052a5
1 parent 983c163
commit e4052a5
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/requirements-demo.txt b/requirements-demo.txt
@@ -3,3 +3,5 @@ matplotlib>=3.1.*
 quandl>=3.5.*
 pandas>=1.0.*
 setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
+pillow>=10.0.0 # not directly required, pinned by Snyk to avoid a vulnerability
+tornado>=6.3.3 # not directly required, pinned by Snyk to avoid a vulnerability