From bb0c8cf5af39a78e1aeaf356863326884e154673 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 28 Mar 2026 02:30:01 +0000
Subject: [PATCH] GHA: bump pip-dependencies

- update `filelock` from 3.24.3 to 3.25.2
- update `ruff` from 0.15.2 to 0.15.7
- update `cryptography` from 46.0.5 to 46.0.6 (CVE-2026-34073)

Closes #21138
---
 .github/scripts/requirements.txt | 2 +-
 tests/http/requirements.txt      | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt
index 540cbe7c09..6711ccd7f7 100644
--- a/.github/scripts/requirements.txt
+++ b/.github/scripts/requirements.txt
@@ -6,4 +6,4 @@ cmakelang==0.6.13
 codespell==2.4.2
 pytype==2024.10.11
 reuse==6.2.0
-ruff==0.15.2
+ruff==0.15.7
diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt
index 5512a26be0..8d884727f1 100644
--- a/tests/http/requirements.txt
+++ b/tests/http/requirements.txt
@@ -2,8 +2,8 @@
 #
 # SPDX-License-Identifier: curl
 
-cryptography==46.0.5
-filelock==3.24.3
+cryptography==46.0.6
+filelock==3.25.2
 psutil==7.2.2
 pytest==9.0.2
 pytest-xdist==3.8.0