From 8a3c078bf5cea9f46ab7269b3e1ea7024da7ac8d Mon Sep 17 00:00:00 2001
From: Janik Besendorf <janik@besendorf.org>
Date: Wed, 1 Apr 2026 10:47:54 +0200
Subject: [PATCH] Bump requests to 2.33.0 and cryptography to 46.0.6 to fix
 security vulnerabilities

- requests 2.33.0: fixes insecure temp file reuse in extract_zipped_paths() (moderate)
- cryptography 46.0.6: fixes incomplete DNS name constraint enforcement (low)
---
 pyproject.toml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pyproject.toml b/pyproject.toml
index e93e19c..3fd8c48 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -20,14 +20,14 @@ dependencies = [
     "click==8.3.1",
     "rich==14.1.0",
     "tld==0.13.1",
-    "requests==2.32.5",
+    "requests==2.33.0",
     "simplejson==3.20.2",
     "packaging==25.0",
     "appdirs==1.4.4",
     "iOSbackup==0.9.925",
     "adb-shell[usb]==0.4.4",
     "libusb1==3.3.1",
-    "cryptography==46.0.5",
+    "cryptography==46.0.6",
     "PyYAML>=6.0.2",
     "pyahocorasick==2.2.0",
     "betterproto==1.2.5",