Addressed safety issues (#2134)

andy-maier · web-flow · commit 23b590960a04 · 2026-03-29T18:47:25.000+02:00
Signed-off-by: Andreas Maier &lt;maiera@de.ibm.com&gt;
diff --git a/.safety-policy-develop.yml b/.safety-policy-develop.yml
@@ -38,6 +38,9 @@ security:
             reason: Fixed filelock version 3.20.3 requires Python>=3.10 and is used there
         84415:
             reason: Fixed filelock version 3.20.3 requires Python>=3.10 and is used there
+        # Need to comment out due to issue https://github.com/pyupio/safety/issues/847
+        # SFTY-20260218-01424:
+        #     reason: Fixed nltk version 3.9.3 requires Python>=3.10 and is used there
 
     # Continue with exit code 0 when vulnerabilities are found.
     continue-on-vulnerability-error: False
diff --git a/changes/noissue.safety.fix.rst b/changes/noissue.safety.fix.rst
@@ -1 +1 @@
-Fixed safety issues up to 2026-02-26.
+Fixed safety issues up to 2026-03-29.
diff --git a/minimum-constraints-develop.txt b/minimum-constraints-develop.txt
@@ -165,7 +165,7 @@ cachetools==5.3.2
 Click==8.0.2
 clint==0.5.1
 configparser==4.0.2
-cryptography==44.0.1  # used by Authlib, which is used by safety
+cryptography==46.0.5  # used by Authlib, which is used by safety
 dataclasses==0.8
 decorator==4.0.11
 defusedxml==0.7.1
@@ -188,7 +188,8 @@ MarkupSafe==2.0.0
 mistune==2.0.3
 nest-asyncio==1.5.4
 # nltk 3.9.3 fixes CVE-2025-14009
-nltk==3.9.2; python_version == '3.9'
+# Need to comment out nltk==3.9.2 due to issue https://github.com/pyupio/safety/issues/847
+# nltk==3.9.2; python_version == '3.9'
 nltk==3.9.3; python_version >= '3.10'
 # nose is used by older versions of notebook, e.g. 4.3.1
 nose==1.3.7

Original file line number	Diff line number	Diff line change
`@@ -1 +1 @@`
`1`		`-Fixed safety issues up to 2026-02-26.`
	`1`	`+Fixed safety issues up to 2026-03-29.`