chore(deps): lock file maintenance [skip pre-commit.ci]

[renovate]

This PR contains the following updates:

Update	Change
lockFileMaintenance	All locks refreshed

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[cubic-dev-ai]

No issues found across 1 file

Confidence score: 5/5

• Automated review surfaced no issues in the provided summaries.
• No files require special attention.

[github-actions]

📚 Documentation Preview

Type	URL	Version	Message
Production	https://tux.atl.dev	-	-
Preview	https://62d0ea5c-tux-docs.allthingslinux.workers.dev	62d0ea5c-890f-443a-b97c-1d36bc5008c4	Preview: tux@80debc4ef88f48fa16097e980a854b8974a8ef9e on 1236/merge by renovate[bot] (run 513)

[github-actions]

Dependency Review

The following issues were found:

• ❌ 1 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 9 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 1f6594f.

Ensure that dependencies are being submitted on PR branches. Re-running this action after a short time may resolve the issue. See the documentation for more information and troubleshooting advice.

Vulnerabilities

uv.lock

Name	Version	Vulnerability	Severity
ecdsa	0.19.2	Minerva timing attack on P-256 in python-ecdsa	high

Only included vulnerabilities with severity high or higher.

License Issues

uv.lock

Package	Version	License	Issue Type
aiohttp	3.13.4	Null	Unknown License
fastapi	0.135.2	Null	Unknown License
githubkit	0.15.1	Null	Unknown License
numpy	2.4.4	Null	Unknown License
pymdown-extensions	10.21.2	Null	Unknown License
python-discovery	1.2.1	Null	Unknown License
ruff	0.15.8	Null	Unknown License
starlette	1.0.0	Null	Unknown License
ecdsa	0.19.2	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
pip/ecdsa	0.19.2	🟢 5.4	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 3 Found 5/14 approved changesets -- score normalized to 3 Security-Policy 🟢 10 security policy file detected Maintained 🟢 4 5 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 4 Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies ⚠️ 0 dependency not pinned by hash detected -- score normalized to 0 Fuzzing 🟢 10 project is fuzzed License 🟢 9 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches SAST 🟢 9 SAST tool detected but not run on all commits
pip/aiohttp	3.13.4	Unknown	Unknown
pip/anyio	4.13.0	Unknown	Unknown
pip/attrs	26.1.0	Unknown	Unknown
pip/coverage	7.13.5	Unknown	Unknown
pip/cryptography	46.0.6	Unknown	Unknown
pip/fastapi	0.135.2	Unknown	Unknown
pip/githubkit	0.15.1	Unknown	Unknown
pip/numpy	2.4.4	Unknown	Unknown
pip/pyasn1	0.6.3	Unknown	Unknown
pip/pygments	2.20.0	Unknown	Unknown
pip/pymdown-extensions	10.21.2	Unknown	Unknown
pip/pytest-cov	7.1.0	Unknown	Unknown
pip/python-discovery	1.2.1	Unknown	Unknown
pip/ruff	0.15.8	Unknown	Unknown
pip/sentry-sdk	2.56.0	🟢 5.5	Details Check Score Reason Code-Review 🟢 8 Found 23/26 approved changesets -- score normalized to 8 Maintained 🟢 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 5 dependency not pinned by hash detected -- score normalized to 5 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ 0 Project has not signed or included provenance with any releases. Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0
pip/starlette	1.0.0	Unknown	Unknown
pip/zensical	0.0.30	Unknown	Unknown

Scanned Files

• uv.lock

[sentry]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 42.25%. Comparing base (79f9774) to head (1f6594f).
⚠️ Report is 5 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #1236      +/-   ##
==========================================
+ Coverage   42.13%   42.25%   +0.11%     
==========================================
  Files         221      221              
  Lines       18409    18409              
  Branches     2431     2431              
==========================================
+ Hits         7756     7778      +22     
+ Misses      10653    10631      -22     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.