chore!: update requests to >=2.33.1 for CVE-2026-25645 (#107)

BREAKING CHANGE: Dropped support for Python 3.9

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

Author: andreas-karlsson

.github/workflows/pull-requests.yaml

@@ -19,7 +19,7 @@ jobs:
     timeout-minutes: 10
     strategy:
       matrix:
-        container: [ "python:3.9", "python:3.10", "python:3.11" ]
+        container: [ "python:3.10", "python:3.11" ]
     container:
       image: ${{ matrix.container }}
 
@@ -30,6 +30,9 @@ jobs:
           fetch-depth: 0 # this (and below) is needed to have setuptools_scm report the correct version
           fetch-tags: true
 
+      - name: Mark workspace as safe directory
+        run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
+
       - name: Upgrade pip
         run: pip install --upgrade pip
 
@@ -107,7 +110,7 @@ jobs:
         if: matrix.installation-type == 'minimal'
         run: |
           pip install --no-deps -e .
-          pip install requests==2.32.4 openfeature-sdk==0.4.2 typing_extensions==4.9.0 httpx==0.27.2
+          pip install "requests>=2.33.1,<3.0.0" openfeature-sdk==0.4.2 typing_extensions==4.9.0 httpx==0.27.2
           pip install pytest==7.4.2 pytest-mock==3.11.1
 
       - name: Test telemetry functionality

pyproject.toml

@@ -26,13 +26,13 @@ classifiers = [
 ]
 keywords = []
 dependencies = [
-    "requests==2.32.4", 
+    "requests>=2.33.1,<3.0.0",
     "openfeature-sdk==0.4.2", 
     "typing_extensions>=4.9.0,<5.0.0",
     "httpx==0.27.2",
     "protobuf>=5.29.5,<7.0.0"
 ]
-requires-python = ">=3.9"
+requires-python = ">=3.10"
 
 [project.optional-dependencies]
 dev = [