Bump urllib3 from 2.1.0 to 2.2.2 in /src (#293)

* Bump urllib3 from 2.1.0 to 2.2.2 in /src Bumps [urllib3](https://github.com/urllib3/urllib3) from 2.1.0 to 2.2.2. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](urllib3/urllib3@2.1.0...2.2.2) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> * Require urllib3>=2.2.2 * Recompile requirements --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Romaniello <aromaniello@ntia.gov>
NTIA · Jul 25, 2024 · 0950fa9 · 0950fa9
1 parent b4cefb7
commit 0950fa9
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 3 deletions.
diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt
@@ -354,7 +354,7 @@ uritemplate==4.1.1
     # via
     #   -r requirements.txt
     #   drf-yasg
-urllib3==2.1.0
+urllib3==2.2.2
     # via
     #   -r requirements.txt
     #   requests

diff --git a/src/requirements.in b/src/requirements.in
@@ -19,4 +19,4 @@ idna>=3.7             # CVE-2024-3651
 grpcio>=1.53.0        # CVE-2023-32732, CVE-2023-32731, CVE-2023-1428
 pyyaml>=5.4.0         # CVE-2020-14343
 sqlparse>=0.5.0       # CVE-2024-4340
-urllib3>=1.26.18      # CVE-2023-45803
+urllib3>=2.2.2        # CVE-2024-37891
diff --git a/src/requirements.txt b/src/requirements.txt
@@ -169,7 +169,7 @@ typing-extensions==4.8.0
     # via asgiref
 uritemplate==4.1.1
     # via drf-yasg
-urllib3==2.1.0
+urllib3==2.2.2
     # via
     #   -r requirements.in
     #   requests