From ef6d572d70f9997550e816febbc2028f91bd381b Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 24 Jan 2026 18:25:27 +0000
Subject: [PATCH] fix: responsibleai_vision/requirements-automl.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PYASN1-15032639
- https://snyk.io/vuln/SNYK-PYTHON-TORCH-10332644
- https://snyk.io/vuln/SNYK-PYTHON-TORCH-10332645
- https://snyk.io/vuln/SNYK-PYTHON-WHEEL-15053866
---
 responsibleai_vision/requirements-automl.txt | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/responsibleai_vision/requirements-automl.txt b/responsibleai_vision/requirements-automl.txt
index 08e6113223..dc7c818bb3 100644
--- a/responsibleai_vision/requirements-automl.txt
+++ b/responsibleai_vision/requirements-automl.txt
@@ -1,2 +1,5 @@
 opencv-python==4.3.0.36
-azureml-automl-dnn-vision>=1.47.0
\ No newline at end of file
+azureml-automl-dnn-vision>=1.47.0
+pyasn1>=0.6.2 # not directly required, pinned by Snyk to avoid a vulnerability
+torch>=2.10.0 # not directly required, pinned by Snyk to avoid a vulnerability
+wheel>=0.46.2 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file