From 84ef14c68970e7ea7575f0849a45154039a0dd6b Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 31 Jan 2026 14:04:18 +0000
Subject: [PATCH] fix: pip-sample/requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-NBCONVERT-14463457
- https://snyk.io/vuln/SNYK-PYTHON-PROTOBUF-15090738
---
 pip-sample/requirements.txt | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pip-sample/requirements.txt b/pip-sample/requirements.txt
index 680d08166..53779fc45 100644
--- a/pip-sample/requirements.txt
+++ b/pip-sample/requirements.txt
@@ -26,7 +26,7 @@ kiwisolver==1.0.1
 MarkupSafe==1.0
 matplotlib==2.2.2
 mistune==0.8.3
-nbconvert==5.4.0
+nbconvert==7.17.0
 nbformat==4.4.0
 nltk==3.3
 notebook==5.7.0
@@ -38,7 +38,7 @@ parso==0.3.1
 pexpect==4.6.0
 pickleshare==0.7.5
 prometheus-client==0.3.1
-protobuf==3.6.1
+protobuf==6.33.5
 protobuf-to-dict==0.1.0
 ptyprocess==0.6.0
 Pygments==2.2.0