scripts: make sure we do not install vulunerable python packages

Make sure we install packages with no issues, some of the issues being
reporting on packages we might install using pip:

Warn: Project is vulnerable to: PYSEC-2019-41 / GHSA-qfc5-mcwq-26q8
Warn: Project is vulnerable to: PYSEC-2014-14 / GHSA-652x-xj99-gmcc
Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56
Warn: Project is vulnerable to: PYSEC-2014-13 / GHSA-cfj3-7x9c-4p3h
Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg
Warn: Project is vulnerable to: PYSEC-2017-74
Warn: Project is vulnerable to: GHSA-55x5-fj6c-h6m8
Warn: Project is vulnerable to: PYSEC-2014-9 / GHSA-57qw-cc2g-pv5p
Warn: Project is vulnerable to: PYSEC-2021-19 / GHSA-jq4v-f5q6-mjqq
Warn: Project is vulnerable to: GHSA-pgww-xf46-h92r
Warn: Project is vulnerable to: PYSEC-2022-230 / GHSA-wrxv-2j5q-m38w
Warn: Project is vulnerable to: PYSEC-2018-12 / GHSA-xp26-p53h-6h2p
Warn: Project is vulnerable to: PYSEC-2024-4 / GHSA-2mqj-m65w-jghx
Warn: Project is vulnerable to: PYSEC-2023-165 / GHSA-cwvm-v4w8-q58c
Warn: Project is vulnerable to: PYSEC-2022-42992 / GHSA-hcpj-qp55-gfph
Warn: Project is vulnerable to: PYSEC-2023-137 / GHSA-pr76-5cm5-w9cj
Warn: Project is vulnerable to: PYSEC-2023-161 / GHSA-wfm5-v35h-vwf4
Warn: Project is vulnerable to: GHSA-3f63-hfp8-52jq
Warn: Project is vulnerable to: GHSA-44wm-f244-xhp3
Warn: Project is vulnerable to: GHSA-56pw-mpj4-fxww
Warn: Project is vulnerable to: GHSA-j7hp-h8jx-5ppr
Warn: Project is vulnerable to: PYSEC-2023-175
Warn: Project is vulnerable to: PYSEC-2018-34 / GHSA-2fc2-6r4j-p65h
Warn: Project is vulnerable to: PYSEC-2021-856 / GHSA-5545-2q6w-2gh6
Warn: Project is vulnerable to: PYSEC-2019-108 / GHSA-9fq2-x9r6-wfmf
Warn: Project is vulnerable to: PYSEC-2018-33 / GHSA-cw6w-4rcx-xphc
Warn: Project is vulnerable to: PYSEC-2021-857 / GHSA-f7c7-j99h-c22f
Warn: Project is vulnerable to: GHSA-fpfv-jqm9-f5jm
Warn: Project is vulnerable to: PYSEC-2017-1 / GHSA-frgw-fgh6-9g52
Warn: Project is vulnerable to: GHSA-c6fm-rgw4-8q73

Signed-off-by: Anas Nashif <anas.nashif@intel.com>

scripts/requirements-base.txt

@@ -18,12 +18,12 @@ canopen
 packaging
 progress
 patool
-psutil
+psutil>=5.6.6
 pylink-square
 pyserial
-requests
+requests>=2.32.0
 semver
-tqdm
+tqdm>=4.67.1
 
 # for ram/rom reports
 anytree

scripts/requirements-compliance.txt

@@ -5,7 +5,7 @@
 clang-format>=15.0.0
 gitlint
 junitparser>=2
-lxml
+lxml>=5.3.0
 pykwalify
 pylint>=3
 python-magic-bin; sys_platform == "win32"

scripts/requirements-extras.txt

@@ -4,7 +4,7 @@
 anytree
 
 # to use in ./scripts for memory footprint, code coverage, etc.
-gitpython
+gitpython>=3.1.41
 
 # helper for developers - check git commit messages
 gitlint
@@ -16,7 +16,7 @@ junit2html
 lpc_checksum
 
 # used by scripts/build/gen_cfb_font_header.py - helper script for user
-Pillow>=10.0
+Pillow>=10.3.0
 
 # used by scripts/release/bug_bash.py for generating top ten bug squashers
 PyGithub

scripts/requirements-run-test.txt

@@ -13,7 +13,7 @@ natsort
 cbor>=1.0.0
 
 # use for twister
-psutil
+psutil>=5.6.6
 
 # used for CAN <=> host testing
 python-can>=4.3.0

tests/kernel/timer/timer_behavior/pytest/requirements-saleae.txt

@@ -1,4 +1,4 @@
-numpy
+numpy>=2.2.3
 protobuf>=5.27.2
 grpcio-tools>=1.66.0
 logic2-automation>=1.0.7

tests/net/lib/lwm2m/interop/requirements.txt

@@ -1 +1 @@
-CoAPthon3
+CoAPthon3>=1.0.2