
Upgrade urllib3 to >=2.6.3 to fix CVE-2025-66418, CVE-2025-66471, and CVE-2026-21441 #1635

Closed
dbwiddis wants to merge 2 commits into opensearch-project:main from dbwiddis:fix-cve

@dbwiddis dbwiddis commented Dec 23, 2025

Description

Upgrades urllib3 to 2.6.0 or higher

Related Issues

Resolves CVE-2025-66418, CVE-2025-66471, and CVE-2026-21441

Check List

  • Commits are signed per the DCO using --signoff.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

amitgalitz
amitgalitz previously approved these changes Dec 23, 2025

codecov bot commented Dec 29, 2025

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 81.36%. Comparing base (7115d64) to head (3bf26d2).
⚠️ Report is 8 commits behind head on main.

Additional details and impacted files

@@             Coverage Diff              @@
##               main    #1635      +/-   ##
============================================
+ Coverage     81.32%   81.36%   +0.04%     
- Complexity     6145     6149       +4     
============================================
  Files           542      542              
  Lines         24994    24994              
  Branches       2543     2543              
============================================
+ Hits          20326    20336      +10     
+ Misses         3396     3386      -10     
  Partials       1272     1272              
Flag Coverage Δ
plugin 81.36% <ø> (+0.04%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.
see 11 files with indirect coverage changes


@dbwiddis dbwiddis changed the title from "Upgrade urllib3 to >=2.6.0 to fix CVE-2025-66418 and CVE-2025-66471" to "Upgrade urllib3 to >=2.6.3 to fix CVE-2025-66418, CVE-2025-66471, and CVE-2026-21441" on Jan 14, 2026
Signed-off-by: Daniel Widdis <widdis@gmail.com>
@dbwiddis
Member Author

Merged in #1643

@dbwiddis dbwiddis closed this Jan 19, 2026