[Snyk] Security upgrade urllib3 from 1.25.11 to 2.6.0

[rexdivakar]

Snyk has created this PR to fix 2 vulnerabilities in the pip dependencies of this project.

Snyk changed the following file(s):

• requirements.txt

⚠️ Warning

equests 2.24.0 requires urllib3, which is not installed.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.
• Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling

[rexdivakar]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[qodo-code-review]

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: build

Failed stage: Install dependencies [❌]

Failure summary: The action failed because building the wheel for matplotlib (version 3.2.2) on Python 3.11 failed during build_ext: - C extension matplotlib.ft2font could not compile due to missing/insufficient FreeType headers/libraries. - Errors from src/checkdep_freetype2.c: - line 3: #error "FreeType version 2.3 or higher is required..." (FreeType not found or too old) - line 10: #include FT_FREETYPE_H failed (headers not available) - Command /usr/bin/gcc exited with code 1, causing ERROR: Failed building wheel for matplotlib, and the job exited with code 1. - Root cause: Trying to build an old matplotlib (3.2.2) from source on the runner without FreeType dev packages (or using Python 3.11 where no prebuilt wheel exists), leading to dependency build failure.

Relevant error logs: 1: ##[group]Runner Image Provisioner 2: Hosted Compute Agent ... 326: ━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━ 1.4/1.4 MB 156.9 MB/s 0:00:00 327: Downloading propcache-0.4.1-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.manylinux_2_28_x86_64.whl (210 kB) 328: Downloading pyparsing-3.2.5-py3-none-any.whl (113 kB) 329: Downloading python_dateutil-2.9.0.post0-py2.py3-none-any.whl (229 kB) 330: Downloading six-1.17.0-py2.py3-none-any.whl (11 kB) 331: Downloading typing_extensions-4.15.0-py3-none-any.whl (44 kB) 332: Building wheels for collected packages: numpy, matplotlib, psutil 333: Building wheel for numpy (pyproject.toml): started 334: Building wheel for numpy (pyproject.toml): still running... 335: Building wheel for numpy (pyproject.toml): still running... 336: Building wheel for numpy (pyproject.toml): still running... 337: Building wheel for numpy (pyproject.toml): finished with status 'done' 338: Created wheel for numpy: filename=numpy-1.22.2-cp311-cp311-linux_x86_64.whl size=22869364 sha256=022b08e54eff13e2abf4dae4bb66f0f40d28195dc6ac574cbec1b6bc530d41f4 339: Stored in directory: /home/runner/.cache/pip/wheels/15/79/c9/52160caa0dc55467b255674e03bbe07cb975debc0efa9d5399 340: Building wheel for matplotlib (pyproject.toml): started 341: Building wheel for matplotlib (pyproject.toml): finished with status 'error' 342: error: subprocess-exited-with-error 343: × Building wheel for matplotlib (pyproject.toml) did not run successfully. 344: │ exit code: 1 345: ╰─> [619 lines of output] 346: <string>:33: SetuptoolsDeprecationWarning: The test command is disabled and references to it are deprecated. 347: !! 348: ******************************************************************************** 349: Please remove any references to `setuptools.command.test` in all supported versions of the affected package. 350: This deprecation is overdue, please update your project and remove deprecated 351: calls to avoid build errors in the future. 352: ******************************************************************************** ... 924: copying lib/matplotlib/backends/web_backend/jquery-ui-1.12.1/LICENSE.txt -> build/lib.linux-x86_64-cpython-311/matplotlib/backends/web_backend/jquery-ui-1.12.1 925: copying lib/matplotlib/mpl-data/fonts/ttf/DejaVuSansMono.ttf -> build/lib.linux-x86_64-cpython-311/matplotlib/mpl-data/fonts/ttf 926: copying lib/matplotlib/mpl-data/images/home.pdf -> build/lib.linux-x86_64-cpython-311/matplotlib/mpl-data/images 927: copying lib/matplotlib/mpl-data/fonts/pdfcorefonts/Helvetica.afm -> build/lib.linux-x86_64-cpython-311/matplotlib/mpl-data/fonts/pdfcorefonts 928: copying lib/matplotlib/mpl-data/fonts/pdfcorefonts/Helvetica-BoldOblique.afm -> build/lib.linux-x86_64-cpython-311/matplotlib/mpl-data/fonts/pdfcorefonts 929: copying lib/matplotlib/mpl-data/fonts/ttf/STIXNonUniIta.ttf -> build/lib.linux-x86_64-cpython-311/matplotlib/mpl-data/fonts/ttf 930: copying lib/matplotlib/mpl-data/images/help_large.png -> build/lib.linux-x86_64-cpython-311/matplotlib/mpl-data/images 931: copying lib/matplotlib/mpl-data/fonts/ttf/DejaVuSerif-BoldItalic.ttf -> build/lib.linux-x86_64-cpython-311/matplotlib/mpl-data/fonts/ttf 932: copying lib/matplotlib/mpl-data/fonts/afm/pbkl8a.afm -> build/lib.linux-x86_64-cpython-311/matplotlib/mpl-data/fonts/afm 933: UPDATING build/lib.linux-x86_64-cpython-311/matplotlib/_version.py 934: set build/lib.linux-x86_64-cpython-311/matplotlib/_version.py to '3.2.2' 935: running build_ext 936: building 'matplotlib.ft2font' extension 937: creating build/temp.linux-x86_64-cpython-311/src 938: gcc -Wsign-compare -DNDEBUG -g -fwrapv -O3 -Wall -fPIC -DFREETYPE_BUILD_TYPE=system -DPY_ARRAY_UNIQUE_SYMBOL=MPL_matplotlib_ft2font_ARRAY_API -DNPY_NO_DEPRECATED_API=NPY_1_7_API_VERSION -D__STDC_FORMAT_MACROS=1 -Iextern/agg24-svn/include -I/tmp/pip-build-env-n2nurt_3/normal/lib/python3.11/site-packages/numpy/_core/include -I/opt/hostedtoolcache/Python/3.11.14/x64/include/python3.11 -c src/checkdep_freetype2.c -o build/temp.linux-x86_64-cpython-311/src/checkdep_freetype2.o 939: src/checkdep_freetype2.c:3:6: error: #error "FreeType version 2.3 or higher is required. You may set the MPLLOCALFREETYPE environment variable to 1 to let Matplotlib download it." 940: 3 | #error "FreeType version 2.3 or higher is required. \ 941: | ^~~~~ 942: src/checkdep_freetype2.c:10:10: error: #include expects "FILENAME" or <FILENAME> 943: 10 | #include FT_FREETYPE_H 944: | ^~~~~~~~~~~~~ 945: src/checkdep_freetype2.c:15:9: note: ‘#pragma message: Compiling with FreeType version FREETYPE_MAJOR.FREETYPE_MINOR.FREETYPE_PATCH.’ 946: 15 | #pragma message("Compiling with FreeType version " \ 947: | ^~~~~~~ 948: src/checkdep_freetype2.c:18:4: error: #error "FreeType version 2.3 or higher is required. You may set the MPLLOCALFREETYPE environment variable to 1 to let Matplotlib download it." 949: 18 | #error "FreeType version 2.3 or higher is required. \ 950: | ^~~~~ 951: error: command '/usr/bin/gcc' failed with exit code 1 952: [end of output] 953: note: This error originates from a subprocess, and is likely not a problem with pip. 954: ERROR: Failed building wheel for matplotlib 955: Building wheel for psutil (pyproject.toml): started 956: Building wheel for psutil (pyproject.toml): finished with status 'done' 957: Created wheel for psutil: filename=psutil-5.7.3-cp311-cp311-linux_x86_64.whl size=277867 sha256=43a8d385620158c16fb03cf5ee58f6e0591bc8621ed4a47b989acf1eb96e3c4b 958: Stored in directory: /home/runner/.cache/pip/wheels/3d/ee/89/fe267d258d17a2b882b1c19eab3bfe403f3e0212da3b0714ea 959: Successfully built numpy psutil 960: Failed to build matplotlib 961: error: failed-wheel-build-for-install 962: × Failed to build installable wheels for some pyproject.toml based projects 963: ╰─> matplotlib 964: ##[error]Process completed with exit code 1. 965: Post job cleanup.