From b5f076e6b9186a9367dfe9fa816dd92c72a30a40 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 11 Jan 2026 10:32:55 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-BOKEH-14894275
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14896210
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-14908843
---
 requirements.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index 7287ffe..d54b97c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -15,7 +15,7 @@ beautifulsoup4==4.7.1
 bitarray==0.8.3
 bkcharts==0.2
 bleach==3.1.0
-bokeh==1.0.4
+bokeh==3.8.2
 boto==2.49.0
 Bottleneck==1.2.1
 certifi==2019.3.9
@@ -190,10 +190,10 @@ traitlets==4.3.2
 typed-ast==1.3.5
 unicodecsv==0.14.1
 update==0.0.1
-urllib3==1.25.3
+urllib3==2.6.3
 wcwidth==0.1.7
 webencodings==0.5.1
-Werkzeug==0.14.1
+Werkzeug==3.1.5
 widgetsnbextension==3.4.2
 win-inet-pton==1.1.0
 win-unicode-console==0.5