From 5bbf803f245790f28610227eca0d57a4b1f497b4 Mon Sep 17 00:00:00 2001
From: Andreas Maier
Date: Sun, 5 Nov 2023 13:36:28 +0100
Subject: [PATCH] Addressed safety issues up to 2023-11-05
Signed-off-by: Andreas Maier
---
 .safety-policy.yml | 2 ++
 docs/changes.rst | 5 +----
 minimum-constraints.txt | 3 ++-
 requirements.txt | 5 +++--
 4 files changed, 8 insertions(+), 7 deletions(-)
diff --git a/.safety-policy.yml b/.safety-policy.yml
index c20f29db..69bdd993 100644
--- a/.safety-policy.yml
+++ b/.safety-policy.yml
@@ -60,6 +60,8 @@ security:
 reason: Fixed GitPython version 3.1.33 requires Python>=3.7 and is used there
 60841:
 reason: Fixed GitPython version 3.1.35 requires Python>=3.7 and is used there
+ 61601:
+ reason: Fixed urllib3 version 1.26.17 requires Python>=3.6 and is used there
 # Continue with exit code 0 when vulnerabilities are found.
 continue-on-vulnerability-error: False
diff --git a/docs/changes.rst b/docs/changes.rst
index 7d693895..418135de 100644
--- a/docs/changes.rst
+++ b/docs/changes.rst
@@ -28,8 +28,7 @@ Released: not yet
 **Bug fixes:**
-* Addressed safety issues from 6+7/2023, by increasing 'requests' to 2.31.0
- on Python >=3.7, and by increasing other packages only needed for development.
+* Addressed safety issues up to 2023-11-05.
 **Enhancements:**
@@ -86,8 +85,6 @@ in this version, please update it in your installation.
 * Fixed issue with PyYAML 5.4 installation on Python>=3.10 that fails since the recent release of Cython 3.
-* Fixed safety issues from 2023-08-27.
-
 * Test: Circumvented a pip-check-reqs issue by excluding its version 2.5.0.
 **Enhancements:**
diff --git a/minimum-constraints.txt b/minimum-constraints.txt
index db443921..f8896552 100644
--- a/minimum-constraints.txt
+++ b/minimum-constraints.txt
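Review bot: The new ignore entry for safety ID 61601 in .safety-policy.yml applies to every interpreter, but its reason only holds for Python>=3.6: the same commit leaves Python 3.5 on urllib3 1.26.9, below the 1.26.17 that the reason names as the fixed version, so the scan stays silent there as well. The reason should say so outright, for example `reason: Fixed urllib3 version 1.26.17 requires Python>=3.6 and is used there; Python 3.5 stays on an unfixed urllib3`. If the safety version in use supports it, an `expires: 'YYYY-MM-DD'` key (placeholder date) under the entry would force the exception to be revisited instead of living on indefinitely. The ignore list this entry belongs to starts outside the hunk.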
@@ -81,7 +81,8 @@ wheel==0.38.1; python_version >= '3.7'
 zhmcclient==1.9.1
 prometheus-client==0.9.0
-urllib3==1.26.5
+urllib3==1.26.9; python_version == '3.5'
+urllib3==1.26.17; python_version >= '3.6'
 jsonschema==3.2.0
 six==1.14.0; python_version <= '3.9'
 six==1.16.0; python_version >= '3.10'
diff --git a/requirements.txt b/requirements.txt
index 9a0f9d76..9303a4c7 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -10,8 +10,9 @@
 zhmcclient>=1.9.1
 prometheus-client>=0.9.0
-urllib3>=1.25.9; python_version <= '3.9'
-urllib3>=1.26.5; python_version >= '3.10'
+# urllib3 1.26.10 removed support for py35
+urllib3>=1.26.9; python_version == '3.5'
+urllib3>=1.26.17; python_version >= '3.6'
 jsonschema>=3.2.0
 six>=1.14.0; python_version <= '3.9'
 six>=1.16.0; python_version >= '3.10'
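Review bot: The `python_version == '3.5'` lines in minimum-constraints.txt (`urllib3==1.26.9`) and in the requirements.txt hunk (`urllib3>=1.26.9`) keep Python 3.5 installs below urllib3 1.26.17, and only requirements.txt carries a comment explaining why. Add the same comment to minimum-constraints.txt and state the consequence in both places, for example `# urllib3 1.26.10 removed support for py35; safety issue 61601 stays unfixed there`. The old requirements.txt marker `python_version <= '3.9'` also matched interpreters below 3.5, which the new pair of markers no longer does. If any such interpreter is still supported (not visible in this patch), it now has no urllib3 lower bound from this file.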