At https://github.com/intel/llvm dependabot reports a few alerts regarding use of: - urllib3 < v2.6.3 (CVE-2026-21441) - pynacl < 1.6.2 (CVE-2025-69277) - cryptography <= 46.0.4 (CVE-2026-26007) Update requirements_formatting.txt.in & re-generate requirements_formatting.txt.