scripts: make sure we do not install vulunerable python packages

nashif · nashif · commit 56f7dc4c2ea3 · 2025-03-22T14:03:56.000-04:00
Make sure we install packages with no issues, some of the issues being reporting on packages we might install using pip: Warn: Project is vulnerable to: PYSEC-2019-41 / GHSA-qfc5-mcwq-26q8 Warn: Project is vulnerable to: PYSEC-2014-14 / GHSA-652x-xj99-gmcc Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56 Warn: Project is vulnerable to: PYSEC-2014-13 / GHSA-cfj3-7x9c-4p3h Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg Warn: Project is vulnerable to: PYSEC-2017-74 Warn: Project is vulnerable to: GHSA-55x5-fj6c-h6m8 Warn: Project is vulnerable to: PYSEC-2014-9 / GHSA-57qw-cc2g-pv5p Warn: Project is vulnerable to: PYSEC-2021-19 / GHSA-jq4v-f5q6-mjqq Warn: Project is vulnerable to: GHSA-pgww-xf46-h92r Warn: Project is vulnerable to: PYSEC-2022-230 / GHSA-wrxv-2j5q-m38w Warn: Project is vulnerable to: PYSEC-2018-12 / GHSA-xp26-p53h-6h2p Warn: Project is vulnerable to: PYSEC-2024-4 / GHSA-2mqj-m65w-jghx Warn: Project is vulnerable to: PYSEC-2023-165 / GHSA-cwvm-v4w8-q58c Warn: Project is vulnerable to: PYSEC-2022-42992 / GHSA-hcpj-qp55-gfph Warn: Project is vulnerable to: PYSEC-2023-137 / GHSA-pr76-5cm5-w9cj Warn: Project is vulnerable to: PYSEC-2023-161 / GHSA-wfm5-v35h-vwf4 Warn: Project is vulnerable to: GHSA-3f63-hfp8-52jq Warn: Project is vulnerable to: GHSA-44wm-f244-xhp3 Warn: Project is vulnerable to: GHSA-56pw-mpj4-fxww Warn: Project is vulnerable to: GHSA-j7hp-h8jx-5ppr Warn: Project is vulnerable to: PYSEC-2023-175 Warn: Project is vulnerable to: PYSEC-2018-34 / GHSA-2fc2-6r4j-p65h Warn: Project is vulnerable to: PYSEC-2021-856 / GHSA-5545-2q6w-2gh6 Warn: Project is vulnerable to: PYSEC-2019-108 / GHSA-9fq2-x9r6-wfmf Warn: Project is vulnerable to: PYSEC-2018-33 / GHSA-cw6w-4rcx-xphc Warn: Project is vulnerable to: PYSEC-2021-857 / GHSA-f7c7-j99h-c22f Warn: Project is vulnerable to: GHSA-fpfv-jqm9-f5jm Warn: Project is vulnerable to: PYSEC-2017-1 / GHSA-frgw-fgh6-9g52 Warn: Project is vulnerable to: GHSA-c6fm-rgw4-8q73 Signed-off-by: Anas Nashif <anas.nashif@intel.com>
diff --git a/scripts/requirements-base.txt b/scripts/requirements-base.txt
@@ -18,12 +18,12 @@ canopen
 packaging
 progress
 patool
-psutil
+psutil>=5.6.6
 pylink-square
 pyserial
-requests
+requests>=2.32.0
 semver
-tqdm
+tqdm>=4.67.1
 
 # for ram/rom reports
 anytree
diff --git a/scripts/requirements-compliance.txt b/scripts/requirements-compliance.txt
@@ -5,7 +5,7 @@
 clang-format>=15.0.0
 gitlint
 junitparser>=2
-lxml
+lxml>=5.3.0
 pykwalify
 pylint>=3
 python-magic-bin; sys_platform == "win32"
diff --git a/scripts/requirements-extras.txt b/scripts/requirements-extras.txt
@@ -4,7 +4,7 @@
 anytree
 
 # to use in ./scripts for memory footprint, code coverage, etc.
-gitpython
+gitpython>=3.1.41
 
 # helper for developers - check git commit messages
 gitlint
@@ -16,7 +16,7 @@ junit2html
 lpc_checksum
 
 # used by scripts/build/gen_cfb_font_header.py - helper script for user
-Pillow>=10.0
+Pillow>=10.3.0
 
 # used by scripts/release/bug_bash.py for generating top ten bug squashers
 PyGithub
diff --git a/scripts/requirements-run-test.txt b/scripts/requirements-run-test.txt
@@ -13,7 +13,7 @@ natsort
 cbor>=1.0.0
 
 # use for twister
-psutil
+psutil>=5.6.6
 
 # used for CAN <=> host testing
 python-can>=4.3.0
diff --git a/tests/kernel/timer/timer_behavior/pytest/requirements-saleae.txt b/tests/kernel/timer/timer_behavior/pytest/requirements-saleae.txt
@@ -1,4 +1,4 @@
-numpy
+numpy>=2.2.3
 protobuf>=5.27.2
 grpcio-tools>=1.66.0
 logic2-automation>=1.0.7
diff --git a/tests/net/lib/lwm2m/interop/requirements.txt b/tests/net/lib/lwm2m/interop/requirements.txt
@@ -1 +1 @@
-CoAPthon3
+CoAPthon3>=1.0.2
