
[Aikido] Fix security issue in urllib3 via minor version upgrade from 2.6.2 to 2.6.3 in scripts#25

Open
aikido-autofix[bot] wants to merge 1 commit into main from fix/AIK-7958-AIK-8655-update-packages-13439910-gPbu

Conversation


aikido-autofix (bot) commented Jan 9, 2026

Upgrade urllib3 to mitigate decompression bomb vulnerability in streaming API, preventing potential DoS attacks from malicious servers

✅ Code not affected by breaking changes.

No breaking changes from the urllib3 upgrade affect this codebase.

The urllib3 package is only used as a transitive dependency through the requests library in two Python utility scripts:

  • scripts/generate_parliament_iam_permissions/scrape_iam_permissions.py (urllib3 2.5.0)

  • scripts/generate_aws_supported_endpoints/main.py (urllib3 2.6.3)

These scripts make simple HTTP GET requests using requests.get() without any custom retry configuration, timeout settings, or Retry-After header handling. The change in urllib3 2.6.3 that caps Retry-After times at 6 hours only affects code that explicitly configures retry behavior or relies on specific retry delay timing. Since these scripts use the default requests behavior without customization, the 6-hour cap on retry delays will not impact their functionality.

The main codebase is written in Go and uses AWS SDK retry mechanisms (as seen in aws/service.go), which are completely independent of urllib3.

All breaking changes by upgrading urllib3 from version 2.6.2 to 2.6.3 (CHANGELOG)

Version   Description
2.6.3     Started treating Retry-After times greater than 6 hours as 6 hours by default, which restricts previously allowed retry delay behavior

✅ 1 CVE resolved by this upgrade

This PR will resolve the following CVEs:

Issue            Severity   Description
CVE-2026-21441   MEDIUM     A vulnerability in urllib3's streaming API allows malicious servers to trigger excessive resource consumption via decompression bombs in redirect responses, potentially causing DoS when streaming content from untrusted sources.
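The class of bug this PR closes is a decompression bomb: a small compressed body (in the CVE, a redirected response consumed through the streaming API) that inflates to far more than the client expected. Upgrading is the fix for urllib3 itself, but a caller that streams bodies from untrusted servers can also enforce its own decoded-size budget. The block below is an added example written for this page; it is not code from this PR, from urllib3, or from the repository, and it is not how urllib3 patched CVE-2026-21441. It shows a generic bounded gunzip over streamed chunks: zlib is asked for at most `step` bytes per call, leftover input is carried in `unconsumed_tail`, and decoding aborts as soon as the budget is exceeded, so a 4 KiB chunk that would expand to megabytes never gets fully inflated. The names `bounded_gunzip`, `safe_decode`, `iter_chunks`, `DecompressionBombError` and the two sample bodies are all constructed for the example.

```python
import gzip
import zlib


class DecompressionBombError(Exception):
    """Raised when decoded output exceeds the caller's byte budget (example-only type)."""

    def __init__(self, decoded, budget):
        super().__init__(f"decoded {decoded} bytes, budget is {budget}")
        self.decoded = decoded


def bounded_gunzip(compressed_chunks, max_decoded_bytes, step=64 * 1024):
    """Inflate a gzip body chunk by chunk, refusing to decode past max_decoded_bytes.

    compressed_chunks: iterable of bytes, e.g. a streamed HTTP body read with
    content decoding disabled. step: upper bound on bytes produced per inflate call.
    Returns the decoded bytes on success, raises DecompressionBombError otherwise.
    """
    inflater = zlib.decompressobj(wbits=zlib.MAX_WBITS | 16)  # +16: expect a gzip header
    decoded = bytearray()
    for chunk in compressed_chunks:
        pending = chunk
        while pending:
            # Produce at most `step` bytes; any input zlib did not consume is
            # handed back in unconsumed_tail and fed in on the next iteration.
            decoded += inflater.decompress(pending, step)
            if len(decoded) > max_decoded_bytes:
                raise DecompressionBombError(len(decoded), max_decoded_bytes)
            pending = inflater.unconsumed_tail
    # flush() only drains what zlib buffered internally (a pending match copy and
    # a few bits), so it cannot add more than a few hundred bytes; re-check anyway.
    decoded += inflater.flush()
    if len(decoded) > max_decoded_bytes:
        raise DecompressionBombError(len(decoded), max_decoded_bytes)
    return bytes(decoded)


def iter_chunks(body, size=4096):
    """Yield `body` in `size` slices, the shape a streamed HTTP response gives you."""
    for i in range(0, len(body), size):
        yield body[i:i + size]


# Constructed sample inputs (not from the page): a benign gzip body, and a
# "bomb" whose 16 MiB of zeros compresses to a few tens of KiB.
BENIGN_BODY = gzip.compress(b'{"status": "moved"}')
BOMB_DECODED_SIZE = 16 * 1024 * 1024
BOMB_BODY = gzip.compress(b"\x00" * BOMB_DECODED_SIZE, compresslevel=9)


def compression_ratio(body):
    """Decoded/compressed size as a naive, unbounded gzip.decompress would see it."""
    return len(gzip.decompress(body)) // len(body)


def safe_decode(body, max_decoded_bytes=1024 * 1024):
    """Return ('ok', data) or ('rejected', bytes_decoded_before_abort)."""
    try:
        return "ok", bounded_gunzip(iter_chunks(body), max_decoded_bytes)
    except DecompressionBombError as exc:
        return "rejected", exc.decoded


if __name__ == "__main__":
    print("benign:", safe_decode(BENIGN_BODY))
    status, decoded = safe_decode(BOMB_BODY)
    print(f"bomb: {status} after {decoded} bytes "
          f"(compressed {len(BOMB_BODY)} bytes, ratio about {compression_ratio(BOMB_BODY)}:1)")
```

With requests the same wrapper fits a streamed response by feeding it raw, still-compressed chunks, for example `bounded_gunzip(resp.raw.stream(4096, decode_content=False), budget)` with `resp = requests.get(url, stream=True)`; that assumes the urllib3 `HTTPResponse.stream(amt, decode_content)` signature and is the caller's own guard, independent of the fix in 2.6.3. The budget stops inflation within one `step` of the limit, which is what bounds memory regardless of how large the server's body would have decoded to.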