Phase 0.1 — Update urllib3 (HIGH: decompression-bomb + redirect chain)

## Context
urllib3 has multiple HIGH/MEDIUM-severity vulnerabilities:
- Decompression-bomb safeguards bypassed when following HTTP redirects
- Streaming API improperly handles highly compressed data  
- Allows an unbounded number of links in the decompression chain
- Redirects not disabled on PoolManager when retries disabled (MEDIUM)

## Steps
```bash
uv lock --upgrade-package urllib3
uv run pytest tests/
```
Confirm urllib3 Dependabot alerts resolved on GitHub after push.

See [wiki roadmap](https://github.com/fsecada01/TextSpitter/wiki/TextSpitter-2.0-Rust-Roadmap#phase-0-security-cleanup-pre-requisite) for full context.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Phase 0.1 — Update urllib3 (HIGH: decompression-bomb + redirect chain) #21

Context

Steps

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Phase 0.1 — Update urllib3 (HIGH: decompression-bomb + redirect chain) #21

Description

Context

Steps

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions