From bb9eedf786c898a61e9ebe6b75bc906bac0299be Mon Sep 17 00:00:00 2001
From: Einar Wigum Arbo
Date: Fri, 10 Apr 2026 11:51:58 +0200
Subject: [PATCH] fix: loosen pygments dependency to >=2.16

Move pygments from an exact pin to a range constraint in the peer dependencies section. This allows downstream projects to upgrade to pygments 2.20.0+ which fixes CVE-2026-4539. The lower bound of >=2.16 matches mkdocs-material's own requirement.
Fixes #334
---
 requirements.txt | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/requirements.txt b/requirements.txt
index 85717c1..83e9757 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,6 +3,7 @@
 # packages that might otherwise exist in an adopter's environment.
 mkdocs>=1.6
 Markdown>=3.2,<3.11
+pygments>=2.16
 
 # The following are more akin to direct dependencies. Each line represents one
 # or more features that are provided by `techdocs-core`, and thus are always
@@ -15,7 +16,6 @@ mkdocs-monorepo-plugin==1.1.2
 plantuml-markdown==3.11.1
 mdx_truly_sane_lists==1.3
 pymdown-extensions==10.21
-pygments==2.19.2
 mkdocs-redirects==1.2.2
 
 # The following are temporary dependencies that are only necessary to work
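Review bot: The new `pygments>=2.16` floor in the first hunk still lets a resolver keep or select 2.16 through 2.19.x, which by the commit message's own account predate the 2.20.0 release that fixes CVE-2026-4539, so an adopter whose environment already holds an older pygments stays on it with no signal. If techdocs-core works with it, raise the floor to `pygments>=2.20.0`; if the lower floor has to stay for mkdocs-material compatibility, add a comment above the line such as `# pygments < 2.20.0 is affected by CVE-2026-4539; install 2.20.0 or later`. The constraint is also open-ended, unlike `Markdown>=3.2,<3.11` next to it, so an upper bound or a note on the tested range would keep an untested future release from being pulled in unreviewed.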