From cf3a98453f271f9f4713a1b3ce82b70f47d63cac Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Fri, 20 Jun 2025 09:36:11 +0000
Subject: [PATCH 1/3] fix: requirements.txt to reduce vulnerabilities

The following vulnerabilities are fixed by pinning transitive dependencies:
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390193
- https://snyk.io/vuln/SNYK-PYTHON-URLLIB3-10390194
---
 requirements.txt | 1 +
 1 file changed, 1 insertion(+)

diff --git a/requirements.txt b/requirements.txt
index 5b5db98a..3d214fa3 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -12,3 +12,4 @@ owslib
 python-dateutil
 requests
 werkzeug
+urllib3>=2.5.0 # not directly required, pinned by Snyk to avoid a vulnerability

From ef98d43de568541a53422ae9f92625aa57316f25 Mon Sep 17 00:00:00 2001
From: Pingu Carsti <ehbrecht@dkrz.de>
Date: Mon, 21 Jul 2025 14:35:47 +0200
Subject: [PATCH 2/3] skip python 3.8

---
 .github/workflows/main.yml | 8 +++-----
 tox.ini                    | 2 +-
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index b3692502..99d3bf16 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -33,8 +33,6 @@ jobs:
     strategy:
       matrix:
         include:
-          - tox-env: py38-extra
-            python-version: "3.8"
           - tox-env: py39-extra
             python-version: "3.9"
           - tox-env: py310-extra
@@ -56,7 +54,7 @@ jobs:
     - name: Run tests with tox ⚙️
       run: tox -e ${{ matrix.tox-env }}
     - name: Run coveralls ⚙️
-      if: matrix.python-version == 3.8
+      if: matrix.python-version == 3.9
       uses: AndreMiras/coveralls-python-action@develop
 
   docs:
@@ -66,9 +64,9 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-python@v5
-        name: Setup Python 3.8
+        name: Setup Python 3.9
         with:
-          python-version: 3.8
+          python-version: 3.9
       - name: Build documentation 🏗️
         run: |
           pip install -e .[dev]
diff --git a/tox.ini b/tox.ini
index 1eeec944..f92509e7 100644
--- a/tox.ini
+++ b/tox.ini
@@ -1,7 +1,7 @@
 [tox]
 min_version = 4.0
 envlist =
-    py{37,38,39,310,311}{-extra,},
+    py{39,310,311}{-extra,},
     lint
 requires = pip >= 20.0
 opts = --verbose

From 14d26545b3a6fd00e5b17907108d300c9b7f7a38 Mon Sep 17 00:00:00 2001
From: Pingu Carsti <ehbrecht@dkrz.de>
Date: Mon, 21 Jul 2025 14:36:32 +0200
Subject: [PATCH 3/3] skip python 3.8

---
 setup.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/setup.py b/setup.py
index 3997af8b..0d89477a 100644
--- a/setup.py
+++ b/setup.py
@@ -49,7 +49,6 @@
         "Operating System :: OS Independent",
         "Programming Language :: Python",
         "Programming Language :: Python :: 3",
-        "Programming Language :: Python :: 3.8",
         "Programming Language :: Python :: 3.9",
         "Programming Language :: Python :: 3.10",
         "Programming Language :: Python :: 3.11",
@@ -59,7 +58,7 @@
     "extras_require": dict(
         dev=DEV_REQUIRES,
     ),
-    "python_requires": ">=3.8,<4",
+    "python_requires": ">=3.9,<4",
     "packages": find_packages(exclude=["docs", "tests.*", "tests"]),
     "include_package_data": True,
     "scripts": [],