From 916dac5a17ce5556e5de9432d9746d7ba9b3511b Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 9 Jan 2026 00:23:16 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14896210
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 02a4cf5fd0..f713b9fbd0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -83,7 +83,7 @@ tblib>=3.1.0  # So that the django test runner provides tracebacks
 tlds>=2022042700  # Used to teach bleach about which TLDs currently exist
 tqdm>=4.67.1
 unidecode>=1.4.0
-urllib3>=2.5.0
+urllib3>=2.6.3
 weasyprint>=66.0
 xml2rfc>=3.30.0
 xym>=0.6,<1.0