Hi,
Context:
I am new to Python coding.
numpy version 1.21.5 has a security vulnerability https://github.com/numpy/numpy/issues/18993.
This dependency is a transitive dependency not a direct dependency. We are sure that in our code we are not using any functionality that requires this
transitive dependency.
Request:
Is there any way to configure the requirement.txt to exclude transitive dependency ?
I see the issue is fixed in version 1.22.0* ---- unfortunately this is not in a stable release yet -- what is the time line for version 1.22.0 to become stable?
Please any help is really appreciated. Please do respond.
Hi, Context: I am new to Python coding. numpy version 1.21.5 has a security vulnerability https://github.com/numpy/numpy/issues/18993. This dependency is a transitive dependency not a direct dependency. We are sure that in our code we are not using any functionality that requires this transitive dependency.
Request: Is there any way to configure the requirement.txt to exclude transitive dependency ? I see the issue is fixed in version 1.22.0* ---- unfortunately this is not in a stable release yet -- what is the time line for version 1.22.0 to become stable?
Please any help is really appreciated. Please do respond.