the test suite uses httpbin, which at one point needed werkzeug. i am unsure if it still does.
werkzeug is pinned to an early release which is affected by a security advisory: https://github.com/jvanasco/metadata_parser/security/dependabot/5
although this library does not use it werkzeug, and the chances of this security issue affecting the test suit is near-zero, removing the pin or inclusion of the library is a goal
the test suite uses httpbin, which at one point needed werkzeug. i am unsure if it still does.
werkzeug is pinned to an early release which is affected by a security advisory: https://github.com/jvanasco/metadata_parser/security/dependabot/5
although this library does not use it werkzeug, and the chances of this security issue affecting the test suit is near-zero, removing the pin or inclusion of the library is a goal