From 633c7ddc610f6817100790342d4af157f33abbef Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sun, 11 Jan 2026 08:55:50 +0000
Subject: [PATCH] fix: requirements-dev.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14896210
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-14908843
---
 requirements-dev.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/requirements-dev.txt b/requirements-dev.txt
index 426f4b2..c98455c 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -23,6 +23,7 @@ selenium >= 4.11
 setuptools >= 68.0
 twine
 tornado >= 6.2
-werkzeug >= 2.2.3
+werkzeug>=3.1.5
 wheel >= 0.42
 requests>=2.32.0 # not directly required, pinned by Snyk to avoid a vulnerability
+urllib3>=2.6.3 # not directly required, pinned by Snyk to avoid a vulnerability