security: pin urllib3>=2.6.0 to fix CVE-2024-37891

Bentlybro · Bentlybro · commit 673bcfbdeb63 · 2026-02-17T10:51:50.000Z
diff --git a/requirements.txt b/requirements.txt
@@ -16,6 +16,7 @@ httpx[http2]
 bcrypt==5.0.0
 python-dotenv==1.2.1
 requests==2.32.5
+urllib3>=2.6.0  # Security fix for CVE-2024-37891
 pre-commit==4.5.1
 pydantic==2.12.5
 Flask-Talisman==1.1.0
