From 997a15d6ce8ecd8f50f64eb1b537b7fbd8c9e892 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 27 Apr 2026 23:22:58 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-LXML-16119103
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index ca9a6740e1..5a558049b4 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -48,7 +48,7 @@ jsonfield>=3.2.0  # deprecated - need to replace with Django's JSONField
 jsonschema[format]>=4.25.0
 jwcrypto>=1.5.6  # for signed notifications - this is aspirational, and is not really used.
 logging_tree>=1.10  # Used only by the showloggers management command
-lxml>=6.0.0
+lxml>=6.1.0
 markdown>=3.8.0
 types-markdown>=3.8.0
 mock>=5.2.0  # should replace with unittest.mock and remove dependency