From 0810691ed0f3ed24a557e51f714b0200c944b42d Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 4 Jun 2026 00:14:01 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-10074036
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-10302884
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-12485156
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-13836728
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-13837025
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157807
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-14157810
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-15183335
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7435780
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436273
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436514
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7436646
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642790
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642791
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642813
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7642814
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7886958
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-7886959
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-8456315
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-8456316
- https://snyk.io/vuln/SNYK-PYTHON-DJANGO-9296408
- https://snyk.io/vuln/SNYK-PYTHON-DJANGORESTFRAMEWORK-7252137
- https://snyk.io/vuln/SNYK-PYTHON-IDNA-16769942
- https://snyk.io/vuln/SNYK-PYTHON-SETUPTOOLS-3180412
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-14157217
- https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192442
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192443
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14896210
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-16642024
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
---
 requirements.txt | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 31e8ea69d1..8e8537aa77 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -87,9 +87,11 @@ tblib>=3.1.0  # So that the django test runner provides tracebacks
 tlds>=2022042700  # Used to teach bleach about which TLDs currently exist
 tqdm>=4.67.1
 unidecode>=1.4.0
-urllib3>=2.5.0
+urllib3>=2.7.0
 weasyprint>=66.0
 xml2rfc>=3.30.0
 xym>=0.6,<0.10.0
 zxcvbn>=4.5.0
 types-zxcvbn~=4.5.0.20250223  # match zxcvbn version
+idna>=3.15 # not directly required, pinned by Snyk to avoid a vulnerability
+sqlparse>=0.5.4 # not directly required, pinned by Snyk to avoid a vulnerability