From fb4c6dca7bc049d5029c107dce333d5d26d52eb9 Mon Sep 17 00:00:00 2001
From: Hernan Monserrat <16483541+hemonserrat@users.noreply.github.com>
Date: Mon, 30 Mar 2026 16:46:53 -0700
Subject: [PATCH 1/2] ci: remove dependency vulnerability scan from security workflow
Remove the dependency-scan job that ran safety and pip-audit checks. Retain CodeQL, secrets scanning, and cryptographic analysis jobs.
---
 .github/workflows/security.yml | 36 ----------------------------------
 1 file changed, 36 deletions(-)
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 2bf8db6..4b0f3a6 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -40,42 +40,6 @@ jobs:
 with:
 category: "/language:${{matrix.language}}"
- dependency-scan:
- name: Dependency Vulnerability Scan
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@v6
-
- - name: Set up Python
- uses: actions/setup-python@v6
- with:
- python-version: '3.11'
-
- - name: Install dependencies
- run: |
- python -m pip install --upgrade pip
- pip install -r requirements.txt
- pip install safety pip-audit
-
- - name: Run safety check
- run: |
- safety check --json --output safety-report.json || true
- safety check
-
- - name: Run pip-audit
- run: |
- pip-audit --format=json --output=pip-audit-report.json || true
- pip-audit
-
- - name: Upload vulnerability reports
- uses: actions/upload-artifact@v7
- if: always()
- with:
- name: vulnerability-reports
- path: |
- safety-report.json
- pip-audit-report.json
-
 secrets-scan:
 name: Secrets Scan
 runs-on: ubuntu-latest
From 4ff6b716f2b4bff3b6b1febe7213625acdf02a4a Mon Sep 17 00:00:00 2001
From: Hernan Monserrat <16483541+hemonserrat@users.noreply.github.com>
Date: Mon, 30 Mar 2026 16:47:43 -0700
Subject: [PATCH 2/2] docs: update minimum Python version to 3.10
---
 CONTRIBUTING.md | 2 +-
 README.md | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md
index 6d4e8ca..6f10d3b 100644
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -27,7 +27,7 @@ This project adheres to a code of conduct that we expect all contributors to fol
 ### Prerequisites
-- Python 3.8 or higher
+- Python 3.10 or higher
 - Git
 - GPG (for testing GPG functionality)
diff --git a/README.md b/README.md
index d0debff..34720ec 100644
--- a/README.md
+++ b/README.md
@@ -88,7 +88,7 @@ pip install -e ".[dev,security]"
 ### System Requirements
-- Python 3.8 or higher
+- Python 3.10 or higher
 - GPG (for keyfile sharing functionality)
 - **Ubuntu/Debian**: `sudo apt-get install gnupg`
 - **macOS**: `brew install gnupg`