Skip to content

Commit 95cee26

Browse files
claudeclaude
committed
fix: bump urllib3 minimum to 2.6.3 for CVE-2026-21441
Tighten the urllib3 constraint from >2.6.0 to >2.6.2 so the resolver picks 2.6.3+, which patches CVE-2026-21441 (vulnerable range >=1.22, <2.6.3).
1 parent 1ff3888 commit 95cee26

2 files changed

Lines changed: 5 additions & 5 deletions

File tree

poetry.lock

Lines changed: 4 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pyproject.toml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -24,7 +24,7 @@ types-toml = "^0.10.2"
2424
toml = "^0.10.2"
2525
hikaru-model-28 = "^1.1.0"
2626
kubernetes = "^29"
27-
urllib3 = ">2.6.0"
27+
urllib3 = ">2.6.2"
2828
click = "8.1.8"
2929

3030

0 commit comments

Comments
 (0)