From 31dd665cc8413289140ff7a5dfc0d85e08cb295a Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 10 Jun 2025 09:16:50 +0000
Subject: [PATCH] fix:
 packages/python/plotly/test_requirements/requirements_37_optional.txt to
 reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERCORE-10300774
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-10305723
---
 .../plotly/test_requirements/requirements_37_optional.txt      | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/packages/python/plotly/test_requirements/requirements_37_optional.txt b/packages/python/plotly/test_requirements/requirements_37_optional.txt
index 8c33824da66..699ebb92b21 100644
--- a/packages/python/plotly/test_requirements/requirements_37_optional.txt
+++ b/packages/python/plotly/test_requirements/requirements_37_optional.txt
@@ -1,4 +1,4 @@
-requests==2.12.4
+requests==2.32.4
 tenacity==6.2.0
 pandas==0.24.2
 numpy==1.19.5
@@ -19,3 +19,4 @@ matplotlib==2.2.3
 scikit-image==0.14.4
 psutil==5.7.0
 kaleido
+jupyter-core>=5.8.0 # not directly required, pinned by Snyk to avoid a vulnerability