chore(deps): bump requests to 2.33.1 to fix CVE-2026-25645#10983

Merged
pedrooot merged 1 commit into master from fix-safety on May 5, 2026

Conversation

@pedrooot
Member

@pedrooot pedrooot commented May 4, 2026

Summary

  • Resolves PyUp 90553 / CVE-2026-25645 — Insecure Temporary File
    reuse in requests due to a predictable temporary filename.
    Affected spec: <2.33.0.
  • Bumps requests in both lockfiles to the latest 2.33.1:
    • api/poetry.lock: 2.32.5 → 2.33.1
    • poetry.lock (root): 2.32.4 → 2.33.1
  • requests is a transitive dependency in this repo — no
    pyproject.toml changes are needed and no API/SDK code had to be
    touched.

Scope of the lockfile diff

Each lockfile diff is restricted to the [[package]] requests block:
version, file hashes, and the bumped lower bounds for certifi
(>=2023.5.7) and urllib3 (>=1.26).

Compatibility

  • requests 2.33.x requires Python >=3.10.
  • api/pyproject.toml → requires-python = ">=3.11,<3.13"
  • pyproject.toml (root) → requires-python = ">=3.10,<3.13"

Steps to review

Please add a detailed description of how to review this PR.

Checklist

Community Checklist
  • This feature/issue is listed in here or roadmap.prowler.com
  • Is it assigned to me, if not, request it via the issue/feature in here or Prowler Community Slack

SDK/CLI

  • Are there new checks included in this PR? Yes / No
    • If so, do we need to update permissions for the provider? Please review this carefully.

UI

  • All issue/task requirements work as expected on the UI
  • Screenshots/Video of the functionality flow (if applicable) - Mobile (X < 640px)
  • Screenshots/Video of the functionality flow (if applicable) - Table (640px > X < 1024px)
  • Screenshots/Video of the functionality flow (if applicable) - Desktop (X > 1024px)
  • Ensure new entries are added to CHANGELOG.md, if applicable.

API

  • All issue/task requirements work as expected on the API
  • Endpoint response output (if applicable)
  • EXPLAIN ANALYZE output for new/modified queries or indexes (if applicable)
  • Performance test results (if applicable)
  • Any other relevant evidence of the implementation (if applicable)
  • Verify if API specs need to be regenerated.
  • Check if version updates are required (e.g., specs, Poetry, etc.).
  • Ensure new entries are added to CHANGELOG.md, if applicable.

License

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
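The PR description above lists the three things a reviewer of a transitive-dependency bump wants to confirm: the pinned version in each lockfile is outside the advisory's affected spec (<2.33.0), both lockfiles end up on the same version, and the new release's Python floor is still met by each project's requires-python. The script below is an added example, not Prowler's own tooling and not part of this PR; it runs those checks over constructed poetry.lock excerpts embedded inline. The affected spec, the versions and both requires-python values are taken from the PR text; the file hash is a placeholder, and the python-versions floor shown for the old 2.32.4 pin (>=3.8) is an assumption.

```python
"""Check a Poetry lockfile bump against a dependency advisory (added example, not
Prowler's tooling): version outside the affected spec, lockfiles in agreement,
and the package's python-versions floor met by the project's requires-python."""
import re
from typing import Dict, List, Tuple

# Constructed poetry.lock excerpt; the hash is a placeholder, not a real digest.
LOCK_TEMPLATE = '''[[package]]
name = "requests"
version = "{version}"
description = "Python HTTP for Humans."
python-versions = "{python}"
files = [
    {{file = "requests-{version}-py3-none-any.whl", hash = "sha256:PLACEHOLDER"}},
]

[package.dependencies]
certifi = ">=2023.5.7"
urllib3 = ">=1.26"
'''
API_LOCK_AFTER = LOCK_TEMPLATE.format(version="2.33.1", python=">=3.10")
ROOT_LOCK_AFTER = LOCK_TEMPLATE.format(version="2.33.1", python=">=3.10")
ROOT_LOCK_BEFORE = LOCK_TEMPLATE.format(version="2.32.4", python=">=3.8")  # 3.8 floor assumed
ADVISORIES = {"requests": "<2.33.0"}  # package -> affected spec, as stated in the PR
REQUIRES_PYTHON = {"api/poetry.lock": ">=3.11,<3.13", "poetry.lock": ">=3.10,<3.13"}

_FIELD_RE = re.compile(r'^(name|version|python-versions)\s*=\s*"([^"]+)"\s*$')
_CLAUSE_RE = re.compile(r"^(<=|>=|==|!=|<|>)\s*(\d+(?:\.\d+)*)$")

def parse_lock_packages(text: str) -> Dict[str, Dict[str, str]]:
    """Map package name -> top-level string fields of each [[package]] block.
    Sub-tables ([package.dependencies], ...) are skipped so a dependency key can
    never be mistaken for the package's own name or version."""
    packages: Dict[str, Dict[str, str]] = {}
    current: Dict[str, str] = {}
    in_header = False
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("["):            # any table header ends the block header
            if "name" in current:
                packages[current["name"].lower()] = dict(current)
                current.clear()
            in_header = line == "[[package]]"
        elif in_header:
            m = _FIELD_RE.match(line)
            if m:
                current[m.group(1)] = m.group(2)
    if "name" in current:
        packages[current["name"].lower()] = dict(current)
    return packages

def _pair(a: str, b: str) -> Tuple[Tuple[int, ...], Tuple[int, ...]]:
    """Integer tuples zero-padded to equal length, so 2.33 compares equal to 2.33.0."""
    ta, tb = (tuple(int(p) for p in v.split(".")) for v in (a, b))
    n = max(len(ta), len(tb))
    return ta + (0,) * (n - len(ta)), tb + (0,) * (n - len(tb))

def matches_spec(version: str, spec: str) -> bool:
    """True if version satisfies every comma-separated clause of spec. Supports the
    <, <=, >, >=, ==, != subset that advisories and requires-python use; anything
    else (wildcards, ~=) raises instead of silently passing."""
    for clause in spec.split(","):
        m = _CLAUSE_RE.match(clause.strip())
        if not m:
            raise ValueError(f"unsupported specifier clause: {clause!r}")
        op, bound = m.groups()
        v, b = _pair(version, bound)
        if not {"<": v < b, "<=": v <= b, ">": v > b, ">=": v >= b,
                "==": v == b, "!=": v != b}[op]:
            return False
    return True

def project_python_floor(requires_python: str) -> str:
    """Lowest interpreter a project supports, e.g. '>=3.11,<3.13' -> '3.11'."""
    for clause in requires_python.split(","):
        m = _CLAUSE_RE.match(clause.strip())
        if m and m.group(1) == ">=":
            return m.group(2)
    raise ValueError(f"no >= lower bound in requires-python {requires_python!r}")

def audit_lockfiles(lockfiles: Dict[str, str], advisories: Dict[str, str],
                    requires_python: Dict[str, str]) -> List[str]:
    """Findings as strings; an empty list means the bump is complete and consistent.
    lockfiles and requires_python are keyed by lockfile path, advisories by package."""
    findings: List[str] = []
    parsed = {path: parse_lock_packages(text) for path, text in lockfiles.items()}
    for pkg, affected in advisories.items():
        pins: Dict[str, str] = {}
        for path, packages in parsed.items():
            entry = packages.get(pkg)
            if entry is None:
                continue                    # this project does not pull the package in
            pins[path] = ver = entry["version"]
            if matches_spec(ver, affected):
                findings.append(f"{path}: {pkg} {ver} still matches affected spec {affected}")
            floor, need = project_python_floor(requires_python[path]), entry.get("python-versions", "")
            if need and not matches_spec(floor, need):
                findings.append(f"{path}: {pkg} {ver} needs python {need} but project floor is {floor}")
        if len(set(pins.values())) > 1:     # every lockfile in the repo must agree after the bump
            findings.append(f"{pkg}: lockfiles disagree on the pinned version: {pins}")
    return findings

if __name__ == "__main__":
    for label, root in (("before", ROOT_LOCK_BEFORE), ("after", ROOT_LOCK_AFTER)):
        locks = {"api/poetry.lock": API_LOCK_AFTER, "poetry.lock": root}
        print(label, audit_lockfiles(locks, ADVISORIES, REQUIRES_PYTHON) or ["clean"])
```

Run against real lockfiles by reading `api/poetry.lock` and the root `poetry.lock` into the `lockfiles` dict; the "before" case (api bumped, root still on 2.32.4) reports both the affected pin and the drift between the two lockfiles, which is exactly the half-done state a PR like this one should never be merged in. Sub-tables are deliberately skipped rather than parsed, so the dependency lower bounds the PR mentions (certifi >=2023.5.7, urllib3 >=1.26) are not validated here.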

@pedrooot pedrooot requested review from a team as code owners May 4, 2026 15:41
@github-actions
Contributor

github-actions Bot commented May 4, 2026

⚠️ Changes detected in the following folders without a corresponding update to the CHANGELOG.md:

  • api
  • prowler (root dependency files changed)

Please add an entry to the corresponding CHANGELOG.md file to maintain a clear history of changes.

@github-actions
Contributor

github-actions Bot commented May 4, 2026

Conflict Markers Resolved

All conflict markers have been successfully resolved in this pull request.

@pedrooot pedrooot added the no-changelog Skip including change in changelog/release notes label May 4, 2026
@github-actions
Contributor

github-actions Bot commented May 4, 2026

🔒 Container Security Scan

Image: prowler:6f1b1d5
Last scan: 2026-05-04 15:51:21 UTC

📊 Vulnerability Summary

Severity Count
🔴 Critical 4
Total 4

4 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

  • Review the detailed scan results
  • Update affected packages to patched versions
  • Consider using a different base image if updates are unavailable

@github-actions
Contributor

github-actions Bot commented May 4, 2026

🔒 Container Security Scan

Image: prowler-api:6f1b1d5
Last scan: 2026-05-04 15:51:45 UTC

📊 Vulnerability Summary

Severity Count
🔴 Critical 5
Total 5

4 package(s) affected

⚠️ Action Required

Critical severity vulnerabilities detected. These should be addressed before merging:

  • Review the detailed scan results
  • Update affected packages to patched versions
  • Consider using a different base image if updates are unavailable

@codecov

codecov Bot commented May 4, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 87.98%. Comparing base (921f49a) to head (194e2ca).
⚠️ Report is 10 commits behind head on master.

Additional details and impacted files
@@             Coverage Diff             @@
##           master   #10983       +/-   ##
===========================================
+ Coverage    7.71%   87.98%   +80.26%     
===========================================
  Files         850     1962     +1112     
  Lines       24669    90910    +66241     
===========================================
+ Hits         1904    79989    +78085     
+ Misses      22765    10921    -11844     
Flag Coverage Δ
api 93.65% <ø> (?)
prowler-py3.10-aws 90.01% <ø> (+82.29%) ⬆️
prowler-py3.10-azure 89.28% <ø> (?)
prowler-py3.10-config 84.58% <ø> (?)
prowler-py3.10-gcp 89.66% <ø> (?)
prowler-py3.10-github 88.95% <ø> (?)
prowler-py3.10-googleworkspace 87.11% <ø> (?)
prowler-py3.10-iac 88.57% <ø> (?)
prowler-py3.10-kubernetes 89.31% <ø> (?)
prowler-py3.10-lib 84.59% <ø> (?)
prowler-py3.10-m365 88.82% <ø> (?)
prowler-py3.10-mongodbatlas 88.48% <ø> (?)
prowler-py3.10-nhn 88.90% <ø> (?)
prowler-py3.10-openstack 86.95% <ø> (?)
prowler-py3.10-oraclecloud 86.69% <ø> (?)
prowler-py3.10-vercel 86.95% <ø> (?)
prowler-py3.11-aws 90.02% <ø> (+82.30%) ⬆️
prowler-py3.11-azure 89.29% <ø> (?)
prowler-py3.11-config 84.54% <ø> (?)
prowler-py3.11-gcp 89.67% <ø> (?)
prowler-py3.11-github 88.96% <ø> (?)
prowler-py3.11-googleworkspace 87.07% <ø> (?)
prowler-py3.11-iac 88.52% <ø> (?)
prowler-py3.11-kubernetes 89.32% <ø> (?)
prowler-py3.11-lib 84.55% <ø> (?)
prowler-py3.11-m365 88.76% <ø> (?)
prowler-py3.11-mongodbatlas 88.43% <ø> (?)
prowler-py3.11-nhn 88.91% <ø> (?)
prowler-py3.11-openstack 86.91% <ø> (?)
prowler-py3.11-oraclecloud 86.65% <ø> (?)
prowler-py3.11-vercel 86.91% <ø> (?)
prowler-py3.12-aws 90.01% <ø> (+82.29%) ⬆️
prowler-py3.12-azure 89.28% <ø> (?)
prowler-py3.12-config 84.59% <ø> (?)
prowler-py3.12-gcp 89.66% <ø> (?)
prowler-py3.12-github 88.95% <ø> (?)
prowler-py3.12-googleworkspace 87.13% <ø> (?)
prowler-py3.12-iac 88.59% <ø> (?)
prowler-py3.12-kubernetes 89.31% <ø> (?)
prowler-py3.12-lib 84.60% <ø> (?)
prowler-py3.12-m365 88.83% <ø> (?)
prowler-py3.12-mongodbatlas 88.50% <ø> (?)
prowler-py3.12-nhn 88.90% <ø> (?)
prowler-py3.12-openstack 86.97% <ø> (?)
prowler-py3.12-oraclecloud 86.71% <ø> (?)
prowler-py3.12-vercel 86.97% <ø> (?)

Flags with carried forward coverage won't be shown.

Components Coverage Δ
prowler 84.61% <ø> (+76.89%) ⬆️
api 93.65% <ø> (∅)

@pedrooot pedrooot merged commit 22b233f into master May 5, 2026
42 of 48 checks passed
@pedrooot pedrooot deleted the fix-safety branch May 5, 2026 14:43

Labels

component/api no-changelog Skip including change in changelog/release notes

Projects

None yet

3 participants