From 0efc282f8445a1fafc1b7ac115fb036770695e24 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 4 May 2026 00:55:30 +0000
Subject: [PATCH] deps: Update pillow requirement from >=10.0.0 to >=11.3.0

Updates the requirements on [pillow](https://github.com/python-pillow/Pillow) to permit the latest version.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/10.0.0...11.3.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-version: 11.3.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 pyproject.toml   | 2 +-
 requirements.txt | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pyproject.toml b/pyproject.toml
index d8b00c0a..d75d3bf5 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -29,7 +29,7 @@ dependencies = [
     "sse-starlette>=1.6.0",  # Server-Sent Events support
     "prometheus-client>=0.19.0",  # Prometheus metrics
     "psutil>=7.2.2",  # System resource monitoring for sprite worker
-    "Pillow>=10.0.0",  # Image processing for thumbnail uploads (security hardening)
+    "Pillow>=11.3.0",  # Image processing for thumbnail uploads (security hardening)
     "argon2-cffi>=23.1.0",  # Secure API key hashing (Issue #445)
     "email-validator>=2.0.0",  # Pydantic EmailStr validation (Issue #200)
     "authlib>=1.3.0",  # OIDC integration (Issue #200)
diff --git a/requirements.txt b/requirements.txt
index 258725de..4776ebc6 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -27,7 +27,7 @@ slowapi>=0.1.9
 psutil>=5.9.0
 
 # Image processing for thumbnail uploads
-Pillow>=10.0.0
+Pillow>=11.3.0
 
 # HTML sanitization for comments
 bleach>=6.0.0