From 1e21cc8b38b6d28a25a7ac9edc76b11e87ef1aeb Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 22 Jul 2025 05:17:13 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390193
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-5926907
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-6002459
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-7267250
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index f4ff4582b..4e6c2b3b4 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -36,6 +36,6 @@ prefect==2.20.4 # Workflow orchestration and automation
 modal==0.63.19 # Cloud platform for running Python code without managing infra
 
 rsa==3.3 # vulnerability
-urllib3==1.26.14 # vulnerability
+urllib3==2.5.0 # vulnerability
 dummy-project==2.0.2
 boto3