From 5d8e7b6b5cf517d888662414811dafc6ff930aaa Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 10 Dec 2025 08:34:52 +0000
Subject: [PATCH] fix: iap/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192442
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-14192443
---
 iap/requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/iap/requirements.txt b/iap/requirements.txt
index 3a3534a64db..a9a363ae313 100644
--- a/iap/requirements.txt
+++ b/iap/requirements.txt
@@ -5,3 +5,4 @@ google-auth==1.6.2
 gunicorn==19.9.0
 requests==2.21.0
 requests_toolbelt==0.9.1
+urllib3>=2.6.0 # not directly required, pinned by Snyk to avoid a vulnerability