chore(deps): Apply Dependabot version bumps in bulk

[m1so]

Summary by CodeRabbit

• Chores
  • Enhanced continuous integration security procedures with updated vulnerability management.
  • Updated project dependencies to improve stability and security coverage.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 4ddd7b66-1006-4c54-bc85-0d3e44eb4845

📥 Commits

Reviewing files that changed from the base of the PR and between 65e194d and 19ea7e7.

⛔ Files ignored due to path filters (1)

• poetry.lock is excluded by !**/*.lock

📒 Files selected for processing (2)

• .github/workflows/ci.yml
• pyproject.toml

---

📝 Walkthrough

Walkthrough

CI workflow documentation expanded with additional CVE ignore entries (CVE-2026-32274, CVE-2026-27448, CVE-2026-27459) and explanatory comments for deferred vulnerability upgrades. Project dependencies updated in pyproject.toml: Tornado pinned to 6.5.5+ (previously 6.5+) and PyJWT 2.12.0+ added as a new dependency.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 4

✅ Passed checks (4 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	Title accurately reflects the main changes: dependency version updates (Tornado pin, new PyJWT) and CVE vulnerability ignore-list updates.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Updates Docs	✅ Passed	PR implements only dependency maintenance (chore), not features. No documentation updates required.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

📝 Coding Plan

• Generate coding plan for human review comments

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[github-actions]

📦 Python package built successfully!

• Version: 2.1.4.dev3+859108a
• Wheel: deepnote_toolkit-2.1.4.dev3+859108a-py3-none-any.whl
• Install:

  pip install "deepnote-toolkit @ https://deepnote-staging-runtime-artifactory.s3.amazonaws.com/deepnote-toolkit-packages/2.1.4.dev3%2B859108a/deepnote_toolkit-2.1.4.dev3%2B859108a-py3-none-any.whl"

[deepnote-bot]

🚀 Review App Deployment Started

📝 Description	🌐 Link / Info
🌍 Review application	ra-78
🔑 Sign-in URL	Click to sign-in
📊 Application logs	View logs
🔄 Actions	Click to redeploy
🚀 ArgoCD deployment	View deployment
⏰ Last deployed	2026-03-17 16:30:26 (UTC)
📜 Deployed commit	9a745743609c984d02d8188392f7eeac4263ee81
🛠️ Toolkit version	859108a

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 73.71%. Comparing base (65e194d) to head (ecc6a5b).
⚠️ Report is 1 commits behind head on main.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #78   +/-   ##
=======================================
  Coverage   73.71%   73.71%           
=======================================
  Files          93       93           
  Lines        5284     5284           
  Branches      766      766           
=======================================
  Hits         3895     3895           
  Misses       1144     1144           
  Partials      245      245           

Flag	Coverage Δ
combined	73.71% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.