From bfd19c1e3c37ed5ac0e5ddeef1162eee1b382045 Mon Sep 17 00:00:00 2001
From: Florian Pfaff <6773539+FlorianPfaff@users.noreply.github.com>
Date: Wed, 20 May 2026 10:33:38 +0200
Subject: [PATCH 1/3] Update idna pin in runtime requirements

---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 2ecc3b288..07ef4225f 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -15,7 +15,7 @@ filelock==3.29.0 ; python_version >= "3.11" and python_version < "3.15"
 fonttools==4.62.1 ; python_version >= "3.11" and python_version < "3.15"
 fsspec==2026.3.0 ; python_version >= "3.11" and python_version < "3.15"
 healpy==1.19.0 ; python_version >= "3.11" and python_version < "3.15"
-idna==3.13 ; python_version >= "3.11" and python_version < "3.15"
+idna==3.15 ; python_version >= "3.11" and python_version < "3.15"
 jinja2==3.1.6 ; python_version >= "3.11" and python_version < "3.15"
 kiwisolver==1.5.0 ; python_version >= "3.11" and python_version < "3.15"
 markupsafe==3.0.3 ; python_version >= "3.11" and python_version < "3.15"

From 39f4bf55819839431e6d45f66370d1525ed64184 Mon Sep 17 00:00:00 2001
From: Florian Pfaff <6773539+FlorianPfaff@users.noreply.github.com>
Date: Wed, 20 May 2026 10:41:31 +0200
Subject: [PATCH 2/3] Update idna pin in dev requirements

---
 requirements-dev.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements-dev.txt b/requirements-dev.txt
index 84e14b474..8774b7293 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -17,7 +17,7 @@ filelock==3.29.0 ; python_version >= "3.11" and python_version < "3.15"
 fonttools==4.62.1 ; python_version >= "3.11" and python_version < "3.15"
 fsspec==2026.3.0 ; python_version >= "3.11" and python_version < "3.15"
 healpy==1.19.0 ; python_version >= "3.11" and python_version < "3.15"
-idna==3.13 ; python_version >= "3.11" and python_version < "3.15"
+idna==3.15 ; python_version >= "3.11" and python_version < "3.15"
 iniconfig==2.3.0 ; python_version >= "3.11" and python_version < "3.15"
 jax==0.10.0 ; python_version >= "3.11" and python_version < "3.15"
 jaxlib==0.10.0 ; python_version >= "3.11" and python_version < "3.15"

From d76ab03ae83d4f314eed4c0daca725306d37e837 Mon Sep 17 00:00:00 2001
From: Florian Pfaff <6773539+FlorianPfaff@users.noreply.github.com>
Date: Wed, 20 May 2026 10:44:22 +0200
Subject: [PATCH 3/3] Add temporary OSV override for stale idna lock entry

---
 osv-scanner.toml | 7 +++++++
 1 file changed, 7 insertions(+)
 create mode 100644 osv-scanner.toml

diff --git a/osv-scanner.toml b/osv-scanner.toml
new file mode 100644
index 000000000..4f6146674
--- /dev/null
+++ b/osv-scanner.toml
@@ -0,0 +1,7 @@
+[[PackageOverrides]]
+name = "idna"
+version = "3.13"
+ecosystem = "PyPI"
+vulnerability.ignore = true
+effectiveUntil = 2026-06-30
+reason = "Temporary suppression for stale poetry.lock entry; exported requirements are updated to idna 3.15. Regenerate poetry.lock with Poetry to remove this override."