From 9d2914eb28b7813b5ce715f0e1957f58192aa70c Mon Sep 17 00:00:00 2001
From: Deepthi Buchupalli <deepthit.126@gmail.com>
Date: Fri, 19 Jun 2026 11:36:41 +0530
Subject: [PATCH 1/4] fix: update black to >=26.3.1 to resolve CVE-2026-32274
 vulnerability

---
 pyproject.toml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pyproject.toml b/pyproject.toml
index 2e5755a..4fbdb5e 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -27,7 +27,7 @@ dependencies = [
 dev = [
     "pytest>=7.4.0",
     "pytest-asyncio>=0.21.0",
-    "black>=23.0.0",
+    "black>=26.3.1",
     "ruff>=0.1.0",
 ]
 

From ef9d9ea35779522cd74c0b574d6183adeb4f80e7 Mon Sep 17 00:00:00 2001
From: Deepthit-23 <deepthit.126@gmail.com>
Date: Fri, 19 Jun 2026 11:53:44 +0530
Subject: [PATCH 2/4] fix: delete cv2 from sys.modules inside
 test_memory_import_does_not_require_cv2 to prevent cross-test interference

---
 tests/test_memory.py | 1 +
 1 file changed, 1 insertion(+)

diff --git a/tests/test_memory.py b/tests/test_memory.py
index 16bab42..615607a 100644
--- a/tests/test_memory.py
+++ b/tests/test_memory.py
@@ -63,6 +63,7 @@ def guarded_import(name, *args, **kwargs):
     monkeypatch.delitem(sys.modules, "services.tracking", raising=False)
     monkeypatch.delitem(sys.modules, "services.tracking.tracker", raising=False)
     monkeypatch.delitem(sys.modules, "services.memory.memory", raising=False)
+    monkeypatch.delitem(sys.modules, "cv2", raising=False)
 
     imported = importlib.import_module("services.memory.memory")
     assert hasattr(imported, "MemoryStore")

From 6599956c0a955cc66dbaeb31e3d443c60d0b3f71 Mon Sep 17 00:00:00 2001
From: Deepthit-23 <deepthit.126@gmail.com>
Date: Fri, 19 Jun 2026 11:54:05 +0530
Subject: [PATCH 3/4] fix: bump black to 26.3.1 in
 services/detection/requirements.txt to resolve CVE-2026-32274 vulnerability

---
 services/detection/requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/services/detection/requirements.txt b/services/detection/requirements.txt
index df60c3b..9dae4ce 100644
--- a/services/detection/requirements.txt
+++ b/services/detection/requirements.txt
@@ -5,5 +5,5 @@ supervision==0.20.0
 pydantic==2.6.4
 pytest==8.1.1
 ruff==0.4.1
-black==24.3.0
+black==26.3.1
 EOF

From 33c927b87222ff3608b40040db7cffd56911742d Mon Sep 17 00:00:00 2001
From: Deepthit-23 <deepthit.126@gmail.com>
Date: Sat, 20 Jun 2026 22:59:29 +0530
Subject: [PATCH 4/4] fix: upgrade starlette to 1.2.1 in poetry.lock to resolve
 CVE-2026-54283 vulnerability

---
 poetry.lock | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/poetry.lock b/poetry.lock
index cfdeac0..3661b31 100644
--- a/poetry.lock
+++ b/poetry.lock
@@ -2218,14 +2218,14 @@ files = [
 
 [[package]]
 name = "starlette"
-version = "1.0.0"
+version = "1.2.1"
 description = "The little ASGI library that shines."
 optional = false
 python-versions = ">=3.10"
 groups = ["main"]
 files = [
-    {file = "starlette-1.0.0-py3-none-any.whl", hash = "sha256:d3ec55e0bb321692d275455ddfd3df75fff145d009685eb40dc91fc66b03d38b"},
-    {file = "starlette-1.0.0.tar.gz", hash = "sha256:6a4beaf1f81bb472fd19ea9b918b50dc3a77a6f2e190a12954b25e6ed5eea149"},
+    {file = "starlette-1.2.1-py3-none-any.whl", hash = "sha256:4de0082d08c8f6764a85a54cf1120d6939507a19905c7768acad2a9f875d2b89"},
+    {file = "starlette-1.2.1.tar.gz", hash = "sha256:64d55b0a3c26786a4e3268593450e64c20f121d5c5898d022b79373977759d57"},
 ]
 
 [package.dependencies]