From 7d8d40e6c846eed99f5bf8d23b968abb5e61fcb6 Mon Sep 17 00:00:00 2001
From: Piyush <piyush.tiwari@mendix.com>
Date: Tue, 24 Mar 2026 19:29:45 +0530
Subject: [PATCH] Fix CVEs in requests, jinja2, cryptography dependencies

---
 requirements.in  |  8 ++++----
 requirements.txt | 12 +++++++-----
 2 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/requirements.in b/requirements.in
index 737cf86b6..edee2e58f 100644
--- a/requirements.in
+++ b/requirements.in
@@ -1,11 +1,11 @@
 backoff==2.2.1
 certifi==2024.8.30
-cryptography==43.0.3
+cryptography==46.0.5
 distro==1.9.0
 httplib2==0.22.0
-jinja2==3.1.4
+jinja2==3.1.6
 omegaconf==2.3.0
 psycopg2-binary==2.9.10
 pyyaml==6.0.2
-requests==2.32.3
-urllib3==2.2.3
+requests==2.32.5
+urllib3==2.6.3
diff --git a/requirements.txt b/requirements.txt
index cf445dc2d..91b30ca73 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -2,7 +2,7 @@
 # This file is autogenerated by pip-compile with Python 3.10
 # by the following command:
 #
-#    pip-compile --strip-extras requirements.in
+#    pip-compile --cert=None --client-cert=None --index-url=None --pip-args=None --strip-extras requirements.in
 #
 antlr4-python3-runtime==4.9.3
     # via omegaconf
@@ -12,11 +12,11 @@ certifi==2024.8.30
     # via
     #   -r requirements.in
     #   requests
-cffi==1.14.4
+cffi==2.0.0
     # via cryptography
 charset-normalizer==2.0.3
     # via requests
-cryptography==43.0.3
+cryptography==46.0.5
     # via -r requirements.in
 distro==1.9.0
     # via -r requirements.in
@@ -24,7 +24,7 @@ httplib2==0.22.0
     # via -r requirements.in
 idna==3.10
     # via requests
-jinja2==3.1.4
+jinja2==3.1.6
     # via -r requirements.in
 markupsafe==2.0.1
     # via jinja2
@@ -40,8 +40,10 @@ pyyaml==6.0.2
     # via
     #   -r requirements.in
     #   omegaconf
-requests==2.32.3
+requests==2.32.5
     # via -r requirements.in
+typing-extensions==4.15.0
+    # via cryptography
 urllib3==2.6.3
     # via
     #   -r requirements.in