[Snyk] Fix for 6 vulnerabilities

[snyk-io]

Snyk has created this PR to fix 6 vulnerabilities in the pip dependencies of this project.

Snyk changed the following file(s):

• sample-python/requirements.txt

⚠️ Warning

otebook 5.7.0 requires pyzmq, which is not installed.
jupyter-console 6.6.3 requires pyzmq, which is not installed.
jupyter-console 6.6.3 has requirement jupyter-client>=7.0.0, but you have jupyter-client 5.2.3.
jupyter-console 6.6.3 has requirement traitlets>=5.4, but you have traitlets 4.3.2.
jupyter-console 6.6.3 has requirement jupyter-core!=5.0.*,>=4.12, but you have jupyter-core 4.4.0.
jupyter-console 6.6.3 has requirement ipykernel>=6.14, but you have ipykernel 5.0.0.
jupyter-client 5.2.3 requires pyzmq, which is not installed.
ipython 7.34.0 has requirement jedi>=0.16, but you have jedi 0.12.1.

Breaking Change Risk

Notice: This assessment is enhanced by AI.

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.
• Some vulnerabilities couldn't be fully fixed and so Snyk will still find them when the project is tested again. This may be because the vulnerability existed within more than one direct dependency, but not all of the affected dependencies could be upgraded.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Cross-site Scripting (XSS)
🦉 Missing Authentication for Critical Function
🦉 Directory Traversal
🦉 More lessons are available in Snyk Learn

[snyk-io]

This upgrade includes two packages with notable changes, primarily related to dropped support for older Python versions.

requests@2.19.1 → requests@2.33.0

Risk: Medium

This upgrade drops support for several older Python versions. The requests library now officially supports Python 3.10 and newer.

• Python Support: Support for Python 2.7, 3.6, 3.7, and 3.8 has been dropped in various releases throughout this upgrade range. Projects using older Python versions will need to upgrade their environment.
• Build System: Starting with version 2.33.0, requests uses a new build system (hatchling), which could affect environments with very old packaging tools.
• Custom Adapters: For users with custom HTTPAdapter subclasses, version 2.32.2 deprecated _get_connection in favor of a new public API, get_connection_with_tls_context.

Recommendation: Verify that your project is running on Python 3.10 or newer. If you are using custom HTTPAdapters, check for usage of the deprecated _get_connection method.

nltk@3.3 → nltk@3.9.4

Risk: Medium

This upgrade for the Natural Language Toolkit (NLTK) also includes significant changes to supported Python versions and some minor behavioral changes.

• Python Support: The target version nltk@3.9.4 requires Python 3.10 or newer. Support for Python versions older than 3.10 has been dropped.
• Behavioral Changes:
  • As of version 3.9, WordNet synsets and relations are no longer sorted by default.
  • In version 3.6.5, the METEOR evaluation module was updated to require pre-tokenized input.

Recommendation: Ensure your environment uses Python 3.10 or a more recent version. Review any code that uses WordNet or the METEOR evaluation tool for potential compatibility issues.

Notice 🤖: This content was augmented using artificial intelligence. AI-generated content may contain errors and should be reviewed for accuracy before use.

[thavelock]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[thavelock]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[thavelock]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[snyk-io]

✅ Snyk checks have passed. No issues have been found so far.

Status	Scan Engine	Critical	High	Medium	Low	Total (0)
✅	Open Source Security	0	0	0	0	0 issues
✅	Licenses	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.