From 6e728b29633bfd07c3515258dff74eb86aa9cbc4 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 17 Dec 2023 16:30:17 +0000
Subject: [PATCH] fix:
 sdks/python/apache_beam/testing/benchmarks/cloudml/requirements.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321964
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321966
- https://snyk.io/vuln/SNYK-PYTHON-NUMPY-2321970
- https://snyk.io/vuln/SNYK-PYTHON-PYARROW-6052811
---
 .../apache_beam/testing/benchmarks/cloudml/requirements.txt     | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/sdks/python/apache_beam/testing/benchmarks/cloudml/requirements.txt b/sdks/python/apache_beam/testing/benchmarks/cloudml/requirements.txt
index 8ddfddece547..2ecef4dea273 100644
--- a/sdks/python/apache_beam/testing/benchmarks/cloudml/requirements.txt
+++ b/sdks/python/apache_beam/testing/benchmarks/cloudml/requirements.txt
@@ -17,3 +17,5 @@
 
 tfx_bsl
 tensorflow-transform
+numpy>=1.22.2 # not directly required, pinned by Snyk to avoid a vulnerability
+pyarrow>=14.0.1 # not directly required, pinned by Snyk to avoid a vulnerability