[Aikido] Fix security issue in urllib3 via minor version upgrade from 2.6.3 to 2.7.0

[aikido-autofix]

Upgrade urllib3 to fix DoS vulnerability in streaming decompression that could cause excessive CPU and memory consumption when processing compressed responses.

✅ 1 CVE resolved by this upgrade

This PR will resolve the following CVEs:

Issue	Severity	Description
CVE-2026-44432	HIGH	[urllib3] Streaming API decompression flaw causes excessive resource consumption (CPU and memory) when handling compressed responses from untrusted sources, particularly with Brotli-encoded data or when drain_conn() is called after partial decompression.

[github-actions]

Coverage Report

File	Stmts	Miss	Cover	Missing
src
check_remote.py	90	74	18%	20–42, 46–54, 58–64, 68–97, 101–125
downloader.py	342	304	11%	27–31, 35–83, 87, 91–103, 107–132, 136–141, 145–151, 155–162, 166–223, 227–283, 287–298, 302–317, 322–332, 336–338, 342–347, 351–356, 360–375, 379–424, 428–443, 447–482, 486–509
entrypoint.py	80	80	0%	1–95
filesystem.py	160	143	11%	14–66, 70–79, 83–106, 110–130, 134–139, 143–152, 156–180, 184–200, 204–209
process_manager.py	226	226	0%	2–322
updater.py	27	27	0%	1–37
src/utils
config.py	30	3	90%	34–36
logger.py	31	21	32%	12–42, 47
notify.py	19	19	0%	3–30
regions.py	37	2	95%	93, 106
TOTAL	1131	899	21%

Tests	Skipped	Failures	Errors	Time
36	0 💤	0 ❌	0 🔥	0.501s ⏱️

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	urllib3@​2.6.3 ⏵ 2.7.0	+1	+22

View full report