Update urllib3 to 2.7 in website/requirements.txt (#2406)

cary-ilm · web-flow · commit e175bcce3697 · 2026-05-13T20:55:09.000-07:00
* Update urllib3 to 2.7 in website/requirements.txt

Vulnerability detected in urllib3 &lt; 2.7

Signed-off-by: Cary Phillips &lt;cary@ilm.com&gt;

* require python 3.11

Signed-off-by: Cary Phillips &lt;cary@ilm.com&gt;

* regenerate requirements-lock.txt for "via -r"

Signed-off-by: Cary Phillips &lt;cary@ilm.com&gt;

---------

Signed-off-by: Cary Phillips &lt;cary@ilm.com&gt;
diff --git a/.readthedocs.yml b/.readthedocs.yml
@@ -11,7 +11,8 @@ version: 2
 build:
   os: "ubuntu-22.04"
   tools:
-    python: "3.9"
+    # urllib3>=2.7 (website/requirements.txt) requires Python >=3.10
+    python: "3.11"
        
 sphinx:
   configuration: website/conf.py
diff --git a/website/requirements-lock.txt b/website/requirements-lock.txt
@@ -278,9 +278,9 @@ snowballstemmer==3.0.1 \
     --hash=sha256:6cd7b3897da8d6c9ffb968a6781fa6532dce9c3618a4b127d920dab764a19064 \
     --hash=sha256:6d5eeeec8e9f84d4d56b847692bacf79bc2c8e90c7f80ca4444ff8b6f2e52895
     # via sphinx
-sphinx==7.2.6 \
-    --hash=sha256:1e09160a40b956dc623c910118fa636da93bd3ca0b9876a7b3df90f07d691560 \
-    --hash=sha256:9a5160e1ea90688d5963ba09a2dcd8bdd526620edbb65c328728f1b2228d5ab5
+sphinx==7.4.7 \
+    --hash=sha256:242f92a7ea7e6c5b406fdc2615413890ba9f699114a9c09192d7dfead2ee9cfe \
+    --hash=sha256:c2419e2135d11f1951cd994d6eb18a1835bd8fdd8429f9ca375dc1f3281bd239
     # via
     #   -r website/requirements.txt
     #   breathe
@@ -313,7 +313,9 @@ sphinxcontrib-serializinghtml==2.0.0 \
     --hash=sha256:6e2cb0eef194e10c27ec0023bfeb25badbbb5868244cf5bc5bdc04e4464bf331 \
     --hash=sha256:e9d912827f872c029017a53f0ef2180b327c3f7fd23c87229f7a8e8b70031d4d
     # via sphinx
-urllib3==2.6.3 \
-    --hash=sha256:1b62b6884944a57dbe321509ab94fd4d3b307075e0c2eae991ac71ee15ad38ed \
-    --hash=sha256:bf272323e553dfb2e87d9bfd225ca7b0f467b919d7bbd355436d3fd37cb0acd4
-    # via requests
+urllib3==2.7.0 \
+    --hash=sha256:231e0ec3b63ceb14667c67be60f2f2c40a518cb38b03af60abc813da26505f4c \
+    --hash=sha256:9fb4c81ebbb1ce9531cce37674bbc6f1360472bc18ca9a553ede278ef7276897
+    # via
+    #   -r website/requirements.txt
+    #   requests
diff --git a/website/requirements.txt b/website/requirements.txt
@@ -8,3 +8,4 @@ colorama==0.4.6 # necessary on Windows only
 sphinx==7.4.7
 breathe==4.36.0
 sphinx-press-theme
+urllib3>=2.7 # transitive via requests; floor for security fixes
