chainlit mcp semantic-kernel # Security pin: force the patched Werkzeug (a transitive dependency) to resolve # the safe_join Windows device-name DoS advisories # CVE-2025-66221 / CVE-2026-21860 / CVE-2026-27199 (fixed in 3.1.6) werkzeug>=3.1.6