From 73b41db2ac5fe0aefd68e696bf6573618a7ec041 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Wed, 11 Jun 2025 08:07:27 +0000
Subject: [PATCH] fix:
 packages/python/plotly/test_requirements/requirements_39_optional.txt to
 reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-JUPYTERCORE-10300774
- https://snyk.io/vuln/SNYK-PYTHON-REQUESTS-10305723
---
 .../plotly/test_requirements/requirements_39_optional.txt      | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/packages/python/plotly/test_requirements/requirements_39_optional.txt b/packages/python/plotly/test_requirements/requirements_39_optional.txt
index 411c9c0f158..33ffd54b4cd 100644
--- a/packages/python/plotly/test_requirements/requirements_39_optional.txt
+++ b/packages/python/plotly/test_requirements/requirements_39_optional.txt
@@ -1,4 +1,4 @@
-requests==2.25.1
+requests==2.32.4
 tenacity==6.2.0
 pandas==1.2.4
 numpy==1.20.2
@@ -19,3 +19,4 @@ matplotlib==2.2.3
 scikit-image==0.18.1
 psutil==5.7.0
 kaleido
+jupyter-core>=5.8.0 # not directly required, pinned by Snyk to avoid a vulnerability