chore(deps): refresh all application and CI dependencies

[jantman]

Summary

Refreshes all application and CI/CD dependencies via poetry update plus a bump to the CI tooling pins in .github/workflows/constraints.txt. This supersedes the open Dependabot PRs #147–#153, all of which are subsumed here (in most cases to a newer version than the individual PR proposed).

Dependabot PRs covered

PR	Dependency	This branch
#153	idna 3.14 → 3.15	→ 3.18
#152	requests 2.34.0 → 2.34.2	→ 2.34.2
#151	jaraco-functools 4.4.0 → 4.5.0	→ 4.5.0
#150	typeguard 4.5.1 → 4.5.2	→ 4.5.2
#149	python-discovery 1.3.0 → 1.3.1	→ 1.4.2
#148	virtualenv 21.3.1 → 21.3.3 (lock)	→ 21.4.3
#147	virtualenv 21.3.1 → 21.3.3 (CI constraints)	→ 21.4.3

Other refreshed deps

poetry update also bumped numerous transitive and dev dependencies, including aiohttp 3.13.5 → 3.14.1, black 26.3.1 → 26.5.1, cryptography 48.0.0 → 48.0.1, faker 40.15.0 → 40.23.0, numpy 2.4.4 → 2.4.6, slack-sdk 3.41.0 → 3.42.0, click 8.3.3 → 8.4.1, and more. CI pip pin bumped 26.1.1 → 26.1.2.

pyproject.toml version constraints already permitted all new versions, so only poetry.lock and .github/workflows/constraints.txt changed.

Testing

All nox sessions pass locally:

• ✅ nox -s tests (295 passed)
• ✅ nox -s mypy
• ✅ nox -s typeguard
• ✅ nox -s safety (pip-audit: no known vulnerabilities)
• ✅ nox -s pre-commit

🤖 Generated with Claude Code

[github-actions]

Coverage Report

File	Stmts	Miss	Branch	BrPart	Cover	Missing
src/dm_mac
__init__.py	73	0	6	0	100%
cli_utils.py	15	0	0	0	100%
neon_fob_adder.py	232	15	60	5	93%	79, 116–117, 124, 270, 333–334, 341, 364–367, 454–456
neongetter.py	211	1	54	3	99%	309
slack_handler.py	165	0	42	0	100%
utils.py	25	0	4	0	100%
src/dm_mac/models
__init__.py	0	0	0	0	100%
api_schemas.py	34	0	0	0	100%
machine.py	580	16	194	16	97%	589, 669, 961–963, 1075–1084, 1142
users.py	103	0	32	0	100%
src/dm_mac/views
__init__.py	0	0	0	0	100%
api.py	32	0	0	0	100%
machine.py	103	0	12	0	100%
prometheus.py	132	0	12	1	100%
TOTAL	1705	32	416	25	98%

Tests	Skipped	Failures	Errors	Time
295	0 💤	0 ❌	0 🔥	24.186s ⏱️

[claude]

Code review

No issues found. Checked for bugs and CLAUDE.md compliance.

[Copilot]

Pull request overview

This PR refreshes the project’s pinned dependency set by updating poetry.lock (via poetry update) and updating CI tool pins in .github/workflows/constraints.txt, consolidating the previously-open Dependabot bumps into a single change set.

Changes:

• Updated CI tool constraints: pip to 26.1.2 and virtualenv to 21.4.3.
• Regenerated poetry.lock to reflect updated direct/transitive dependency versions while keeping pyproject.toml constraints unchanged.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
.github/workflows/constraints.txt	Bumps CI tool pins for pip and virtualenv to the new constrained versions.
poetry.lock	Refreshes the resolved dependency graph and hashes after running poetry update.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.