From ad8d5ba33b648c9d34405652a165df7f593a7299 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 14 Dec 2025 11:10:24 +0000
Subject: [PATCH] fix: requirements/optional_applied.txt to reduce
 vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-FONTTOOLS-14151621
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-14400977
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-14400978
- https://snyk.io/vuln/SNYK-PYTHON-TORNADO-14400979
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192442
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192443
---
 requirements/optional_applied.txt | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/requirements/optional_applied.txt b/requirements/optional_applied.txt
index 069fb3ec4e27b..a91f9d897aa8a 100644
--- a/requirements/optional_applied.txt
+++ b/requirements/optional_applied.txt
@@ -16,4 +16,7 @@ flower
 rllib
 seaborn
 datasets
-validators
\ No newline at end of file
+validators
+fonttools>=4.61.0 # not directly required, pinned by Snyk to avoid a vulnerability
+tornado>=6.5.3 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=2.6.0 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file