From af18b46f9a6797f75d3ac17a9e011c8819e05488 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 14 Jan 2026 07:59:22 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-AUTHLIB-14908840
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14896210
- https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-14908843
---
 requirements.txt | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements.txt b/requirements.txt
index de7ae96..f5becc1 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,6 +1,6 @@
 -i https://pypi.org/simple
 alembic==1.10.1
-authlib==0.15.6
+authlib==1.6.6
 babel==2.12.1
 blinker==1.5
 certifi==2022.12.7
@@ -46,8 +46,8 @@ setuptools==67.5.1
 six==1.16.0
 sqlalchemy==2.0.5.post1
 typing-extensions==4.5.0
-urllib3==1.26.14
+urllib3==2.6.3
 visitor==0.1.3
-werkzeug==2.2.3
+werkzeug==3.1.5
 wtforms==3.0.1
 zipp==3.15.0