From d0956d02105ed120e33779ce6fe9657527485c56 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 21 Jun 2025 06:15:35 +0000
Subject: [PATCH] fix: framework/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-10364902
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390193
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194
---
 framework/requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/framework/requirements.txt b/framework/requirements.txt
index a16b80fd3f3..42fadfa2552 100644
--- a/framework/requirements.txt
+++ b/framework/requirements.txt
@@ -59,7 +59,7 @@ numpy==1.26.0
 openapi-spec-validator==0.2.6
 packaging==20.9
 pathlib==1.0.1
-protobuf==3.19.6
+protobuf==4.25.8
 proto-plus==1.19.0
 psutil==5.9.0
 pyarrow==13.0.0
@@ -82,7 +82,7 @@ SQLAlchemy==2.0.0
 tabulate==0.8.9
 typing-extensions==4.5.0
 typing-inspect==0.7.1
-urllib3==1.26.5
+urllib3==2.5.0
 uvloop==0.17.0
 websocket-client==0.57.0
 Werkzeug==2.2.3