From: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 16 Dec 2025 23:37:45 +0000 (+0000)
Subject: GHA: bump pip-dependencies
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=HEAD;p=thirdparty%2Fcurl.git

GHA: bump pip-dependencies

- update `filelock` from 3.20.0 to 3.20.1 (CVE-2025-68146) (used in pytests)
- update `pytest` from 9.0.1 to 9.0.2
- update `ruff` from 0.14.8 to 0.14.9

Closes #20004
---

diff --git a/.github/scripts/requirements.txt b/.github/scripts/requirements.txt
index 537f329aca..b6a7e5e10e 100644
--- a/.github/scripts/requirements.txt
+++ b/.github/scripts/requirements.txt
@@ -6,4 +6,4 @@ cmakelang==0.6.13
 codespell==2.4.1
 pytype==2024.10.11
 reuse==6.2.0
-ruff==0.14.8
+ruff==0.14.9
diff --git a/tests/http/requirements.txt b/tests/http/requirements.txt
index fde20ec152..bbc0eab892 100644
--- a/tests/http/requirements.txt
+++ b/tests/http/requirements.txt
@@ -3,8 +3,8 @@
 # SPDX-License-Identifier: curl
 
 cryptography==46.0.3
-filelock==3.20.0
+filelock==3.20.1
 psutil==7.1.3
-pytest==9.0.1
+pytest==9.0.2
 pytest-xdist==3.8.0
 websockets==15.0.1