Upgrade urllib3 to >=1.24.3 and remove upper version limit.
Why is this needed
urllib3 dependency is not at >=1.24.2,<1.25.
Version 1.24.2 is vulnerable.
Version 1.25 is supported from python 3.5, we support python > 3.6 so there is no reason for upper limit (no breaking API for us).
What would you like to be added
Upgrade urllib3 to >=1.24.3 and remove upper version limit.
Why is this needed
urllib3 dependency is not at >=1.24.2,<1.25. Version 1.24.2 is vulnerable. Version 1.25 is supported from python 3.5, we support python > 3.6 so there is no reason for upper limit (no breaking API for us).