Fixed safety issues that comes up when running make safety

.safety-policy-develop.yml

@@ -38,6 +38,17 @@ security:
             reason: Fixed filelock version 3.20.3 requires Python>=3.10 and is used there
         84415:
             reason: Fixed filelock version 3.20.3 requires Python>=3.10 and is used there
+        89481:
+            reason: Fixed authlib version 1.6.9 requires Python>=3.10 and is used there
+        89032:
+            reason: Fixed tornado version 6.5.5 requires Python>=3.10 and is used there
+        89826:
+            reason: Fixed nltk version 3.9.4 requires Python>=3.10 and is used there
+        90749:
+            reason: Fixed cryptography version 46.0.6 requires Python>=3.10 and is used there
+        35073:
+           reason: Fixed pygments version 2.20.0 requires Python>=3.10 and is used there
+
         # Need to comment out due to issue https://github.com/pyupio/safety/issues/847
         # SFTY-20260218-01424:
         #     reason: Fixed nltk version 3.9.3 requires Python>=3.10 and is used there

.safety-policy-install.yml

@@ -28,6 +28,10 @@ security:
     #     reason: {text}    # optional: Reason for ignoring it. Will be reported in the Safety reports
     #     expires: {date}   # optional: Date when this ignore will expire
     ignore-vulnerabilities:
+        90553:
+            reason: Fixed requests version 2.33.0 is not installable in the Python 3.9 CI environment, so Python 3.9 uses requests 2.32.4
+        SFTY-20260122-20373:
+            reason: Fixed pytest version 9.0.3 is not installable in the Python 3.9 CI environment, so Python 3.9 uses pytest 8.4.0
 
     # Continue with exit code 0 when vulnerabilities are found.
     continue-on-vulnerability-error: False

changes/noissue.safety.fix.rst

@@ -1 +1 @@
-Fixed safety issues up to 2026-03-29.
+Fixed safety issues up to 2026-05-06.

dev-requirements.txt

@@ -62,7 +62,7 @@ safety-schemas>=0.0.16
 dparse>=0.6.4
 ruamel.yaml>=0.17.21
 click>=8.0.2
-Authlib>=1.6.6
+Authlib>=1.6.9
 marshmallow>=3.26.2
 pydantic>=2.12.0
 pydantic_core>=2.41.1
@@ -85,7 +85,7 @@ Sphinx>=7.2.0
 docutils>=0.20.1
 sphinx-git>=10.1.1
 GitPython>=3.1.41
-Pygments>=2.15.0
+Pygments>=2.20.0
 sphinx-rtd-theme>=2.0.0
 sphinxcontrib-applehelp>=1.0.4
 sphinxcontrib-devhelp>=1.0.2
@@ -164,7 +164,7 @@ pywin32>=303; sys_platform == 'win32' and python_version <= '3.11'
 pywin32>=306; sys_platform == 'win32' and python_version == '3.12'
 
 # The tornado package is used by ipykernel which is used by jupyter.
-tornado>=6.5.3
+tornado>=6.5.5
 
 # pyzmq 26.1.0 added wheel archives for Python 3.13
 # pyzmq 27.0.1 added wheel archives for Python 3.14

extra-testutils-requirements.txt

@@ -7,7 +7,8 @@
 # Direct dependencies for install of extra 'testutils' (must be consistent with minimum-constraints-install.txt)
 
 # zhmcclient.testutils defines pytest fixtures:
-pytest>=8.4.0
+pytest>=8.4.0; python_version == '3.9'
+pytest>=9.0.3; python_version >= '3.10'
 
 # Packages used by zhmcclient.testutils that are also used by zhmcclient and thus
 # are specified already in requirements.txt:

minimum-constraints-develop.txt

@@ -49,7 +49,7 @@ safety-schemas==0.0.16
 dparse==0.6.4
 ruamel.yaml==0.17.21
 click==8.0.2
-Authlib==1.6.6
+Authlib==1.6.9
 marshmallow==3.26.2
 pydantic==2.12.0
 pydantic_core==2.41.1
@@ -69,7 +69,7 @@ Sphinx==7.2.0
 docutils==0.20.1
 sphinx-git==10.1.1
 GitPython==3.1.41
-Pygments==2.15.0
+Pygments==2.20.0
 sphinx-rtd-theme==2.0.0
 sphinxcontrib-applehelp==1.0.4
 sphinxcontrib-devhelp==1.0.2
@@ -165,7 +165,7 @@ cachetools==5.3.2
 Click==8.0.2
 clint==0.5.1
 configparser==4.0.2
-cryptography==46.0.5  # used by Authlib, which is used by safety
+cryptography==46.0.6  # used by Authlib, which is used by safety
 dataclasses==0.8
 decorator==4.0.11
 defusedxml==0.7.1
@@ -190,7 +190,7 @@ nest-asyncio==1.5.4
 # nltk 3.9.3 fixes CVE-2025-14009
 # Need to comment out nltk==3.9.2 due to issue https://github.com/pyupio/safety/issues/847
 # nltk==3.9.2; python_version == '3.9'
-nltk==3.9.3; python_version >= '3.10'
+nltk==3.9.4; python_version >= '3.10'
 # nose is used by older versions of notebook, e.g. 4.3.1
 nose==1.3.7
 pandocfilters==1.4.1
@@ -220,7 +220,7 @@ testpath==0.3
 toml==0.10.0
 tomli==2.0.1  # used by towncrier
 tomli-w==1.2.0  # used by tox>=4.48.0
-tornado==6.5.3
+tornado==6.5.5
 tqdm==4.66.3
 traitlets==5.6.0
 typing==3.6.1

minimum-constraints-install.txt

@@ -16,7 +16,8 @@ wheel==0.46.2
 
 # Direct dependencies for install (must be consistent with requirements.txt)
 
-requests==2.32.4
+requests==2.32.4; python_version == '3.9'
+requests==2.33.0; python_version >= '3.10'
 stomp-py==8.1.1
 immutabledict==4.2.0
 nocasedict==1.0.2
@@ -38,7 +39,8 @@ urllib3==2.6.3
 # Direct dependencies for install of extra 'testutils' (must be consistent with extra-testutils-requirements)
 
 # Used by zhmcclient.testutils
-pytest==8.4.0
+pytest==8.4.0; python_version == '3.9'
+pytest==9.0.3; python_version >= '3.10'
 
 # Indirect dependencies for install that are needed for some reason (must be consistent with requirements.txt)
 

requirements.txt

@@ -8,7 +8,9 @@
 
 # requests 2.25.0 tolerates urllib3 1.26.5 which is needed on Python 3.10 to
 #   remove ImportWarning in six
-requests>=2.32.4
+# requests 2.33.0 is not installable on Python 3.9, so split by Python version.
+requests>=2.32.4; python_version == '3.9'
+requests>=2.33.0; python_version >= '3.10'
 
 stomp-py>=8.1.1