Skip to content

DOCS: Bump readthedocs deps to fix urllib3 vulnerability#11356

Open
Alexey-Rivkin wants to merge 1 commit intoopenucx:masterfrom
Alexey-Rivkin:topic/update-docs-deps
Open

DOCS: Bump readthedocs deps to fix urllib3 vulnerability#11356
Alexey-Rivkin wants to merge 1 commit intoopenucx:masterfrom
Alexey-Rivkin:topic/update-docs-deps

Conversation

@Alexey-Rivkin
Copy link
Copy Markdown
Contributor

@Alexey-Rivkin Alexey-Rivkin commented Apr 19, 2026

What?

Bump readthedocs build deps to resolve Dependabot alert #1
(urllib3 <2.0 vulnerability, medium severity, patched in 2.5.0).

Why?

https://github.com/openucx/ucx/security/dependabot/1

How?

  • urllib3 <2.0==2.6.3 (the fix)
  • Other deps bumped to latest stable while here
  • RTD env bumped to Ubuntu 24.04 + Python 3.12 (required by sphinx 9.x)

@Alexey-Rivkin
DOCS: Bump readthedocs deps to fix urllib3 vulnerability
8387264 
Bump readthedocs build deps to resolve Dependabot alert openucx#1
(urllib3 <2.0 vulnerability, medium severity, patched in 2.5.0).

- urllib3 <2.0 -> ==2.6.3 (the fix)
- Other deps bumped to latest stable while here
- RTD env bumped to Ubuntu 24.04 + Python 3.12 (required by sphinx 9.x)

Signed-off-by: Alexey Rivkin <[email protected]>
@Alexey-Rivkin Alexey-Rivkin marked this pull request as ready for review April 19, 2026 11:57
@Alexey-Rivkin Alexey-Rivkin requested a review from dpressle April 19, 2026 11:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dpressle dpressle dpressle approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@Alexey-Rivkin @dpressle