From 4ff7f35323e962fd4ce544f7e3bdef291e0a9de2 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Thu, 13 Nov 2025 04:56:28 +0000
Subject: [PATCH] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-PDFMINERSIX-13863525
- https://snyk.io/vuln/SNYK-PYTHON-PDFMINERSIX-13863528
---
 requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 9ebdd1a494..edc7384aef 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -158,4 +158,5 @@ google-generativeai==0.1.0
 unstructured==0.8.1
 ai21==1.2.6
 typing-extensions==4.5.0
-llama_cpp_python==0.2.7
\ No newline at end of file
+llama_cpp_python==0.2.7
+pdfminer.six>=20251107 # not directly required, pinned by Snyk to avoid a vulnerability
\ No newline at end of file