chore: scheduled pip-compile #212

Merged: JAVGan merged 1 commit into main from deps/pip-compile on Jun 22, 2026

cd-red-bot (Collaborator) commented Jun 21, 2026

Update dependencies

This is a scheduled update of Python dependencies within this repo managed by pip-compile.
This change will be submitted automatically within a few days if all checks have succeeded.

Summary by Sourcery

Update pinned Python dependencies to their latest scheduled versions.

Enhancements:

  • Refresh AWS SDK-related libraries (boto3, botocore, s3transfer) to newer patch releases.
  • Update certifi certificate bundle to a newer release for updated CA trust store.

Chores:

  • Regenerate requirements.txt via scheduled pip-compile to keep dependencies current.

sourcery-ai Bot commented Jun 21, 2026

Reviewer's Guide

This PR refreshes pinned Python dependencies via pip-compile, updating AWS SDK-related packages and certifi in requirements.txt while keeping the dependency graph otherwise unchanged.

File-Level Changes

Change: Update pinned AWS SDK for Python components to latest compatible patch versions.
Details:
  • Bump boto3 from 1.43.29 to 1.43.34 and refresh associated hash pins.
  • Bump botocore from 1.43.29 to 1.43.34 and refresh associated hash pins.
  • Bump s3transfer from 0.18.0 to 0.19.0 and refresh associated hash pins.
Files: requirements.txt

Change: Update certifi certificate bundle to a newer patch release.
Details:
  • Bump certifi from 2026.5.20 to 2026.6.17 and refresh associated hash pins.
Files: requirements.txt


sourcery-ai Bot left a comment

Hey - I've reviewed your changes and they look great!


JAVGan force-pushed the deps/pip-compile branch from b350121 to 82a9e2a on June 22, 2026 17:02

@qodo-for-releng

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: security

Failed stage: OWASP check [❌]

Failed test name: ""

Failure summary:

The action failed during an OWASP Dependency-Check scan because it could not update the NVD (National Vulnerability Database) CVE data.
  • Dependency-Check repeatedly retried NVD API requests and then aborted with UpdateException: Error updating the NVD Data (NvdApiDataSource.processApi).
  • Root cause: the NVD API returned HTTP 503 (NvdApiException: NVD Returned Status Code: 503), indicating the service was unavailable.
  • The scan then could not proceed (Unable to continue dependency-check analysis, One or more fatal errors occurred) and exited with code 13 (Process completed with exit code 13).

Relevant error logs:
1:  ##[group]Runner Image Provisioner
2:  Hosted Compute Agent
...

555:  pythonLocation: /opt/hostedtoolcache/Python/3.10.20/x64
556:  PKG_CONFIG_PATH: /opt/hostedtoolcache/Python/3.10.20/x64/lib/pkgconfig
557:  Python_ROOT_DIR: /opt/hostedtoolcache/Python/3.10.20/x64
558:  Python2_ROOT_DIR: /opt/hostedtoolcache/Python/3.10.20/x64
559:  Python3_ROOT_DIR: /opt/hostedtoolcache/Python/3.10.20/x64
560:  LD_LIBRARY_PATH: /opt/hostedtoolcache/Python/3.10.20/x64/lib
561:  GHA_PIP_AUDIT_SUMMARY: true
562:  GHA_PIP_AUDIT_NO_DEPS: false
563:  GHA_PIP_AUDIT_REQUIRE_HASHES: false
564:  GHA_PIP_AUDIT_VULNERABILITY_SERVICE: PyPI
565:  GHA_PIP_AUDIT_VIRTUAL_ENVIRONMENT: 
566:  GHA_PIP_AUDIT_LOCAL: false
567:  GHA_PIP_AUDIT_INDEX_URL: 
568:  GHA_PIP_AUDIT_EXTRA_INDEX_URLS: 
569:  GHA_PIP_AUDIT_IGNORE_VULNS: 
570:  GHA_PIP_AUDIT_INTERNAL_BE_CAREFUL_ALLOW_FAILURE: false
571:  GHA_PIP_AUDIT_INTERNAL_BE_CAREFUL_EXTRA_FLAGS: 
...

725:  inflating: dependency-check/lib/semver4j-5.8.0.jar  
726:  inflating: dependency-check/lib/slf4j-api-2.0.17.jar  
727:  inflating: dependency-check/lib/snakeyaml-2.5.jar  
728:  inflating: dependency-check/lib/spotbugs-annotations-4.9.8.jar  
729:  inflating: dependency-check/lib/toml4j-0.7.2.jar  
730:  inflating: dependency-check/lib/velocity-engine-core-2.4.1.jar  
731:  inflating: dependency-check/lib/xz-1.9.jar  
732:  inflating: dependency-check/LICENSE.txt  
733:  inflating: dependency-check/NOTICE.txt  
734:  inflating: dependency-check/licenses/commons-cli/LICENSE.txt  
735:  inflating: dependency-check/README.md  
736:  [WARN] '--disableRetireJS' is deprecated and may be removed in the next major release, please migrate to '--disableRetireJs'
737:  [WARN] ossIndexPassword used on the command line, consider moving the password to a properties file using the key `analyzer.ossindex.password` and using the --propertyfile argument instead
738:  [INFO] Checking for updates
739:  [INFO] NVD API has 342,130 records in this update
740:  [WARN] NVD API request failures are occurring; retrying request for the 15th time
741:  [WARN] NVD API request failures are occurring; retrying request for the 16th time
742:  [WARN] NVD API request failures are occurring; retrying request for the 17th time
743:  [WARN] NVD API request failures are occurring; retrying request for the 18th time
744:  [WARN] NVD API request failures are occurring; retrying request for the 19th time
745:  [WARN] NVD API request failures are occurring; retrying request for the 20th time
746:  [WARN] NVD API request failures are occurring; retrying request for the 21st time
747:  [WARN] NVD API request failures are occurring; retrying request for the 22nd time
748:  [WARN] NVD API request failures are occurring; retrying request for the 23rd time
749:  [WARN] NVD API request failures are occurring; retrying request for the 24th time
750:  [WARN] NVD API request failures are occurring; retrying request for the 25th time
751:  [WARN] NVD API request failures are occurring; retrying request for the 26th time
752:  [WARN] NVD API request failures are occurring; retrying request for the 27th time
753:  [WARN] NVD API request failures are occurring; retrying request for the 28th time
754:  [WARN] NVD API request failures are occurring; retrying request for the 29th time
755:  [WARN] NVD API request failures are occurring; retrying request for the 30th time
756:  [WARN] NVD API request failures are occurring; retrying request for the 31st time
757:  [ERROR] Error updating the NVD Data
758:  org.owasp.dependencycheck.data.update.exception.UpdateException: Error updating the NVD Data
759:  at org.owasp.dependencycheck.data.update.NvdApiDataSource.processApi(NvdApiDataSource.java:387)
...

761:  at org.owasp.dependencycheck.Engine.doUpdates(Engine.java:887)
762:  at org.owasp.dependencycheck.Engine.initializeAndUpdateDatabase(Engine.java:692)
763:  at org.owasp.dependencycheck.Engine.analyzeDependencies(Engine.java:619)
764:  at org.owasp.dependencycheck.App.runScan(App.java:265)
765:  at org.owasp.dependencycheck.App.run(App.java:197)
766:  at org.owasp.dependencycheck.App.main(App.java:88)
767:  Caused by: io.github.jeremylong.openvulnerability.client.nvd.NvdApiException: NVD Returned Status Code: 503
768:  at io.github.jeremylong.openvulnerability.client.nvd.NvdCveClient._next(NvdCveClient.java:445)
769:  at io.github.jeremylong.openvulnerability.client.nvd.NvdCveClient.next(NvdCveClient.java:356)
770:  at org.owasp.dependencycheck.data.update.NvdApiDataSource.processApi(NvdApiDataSource.java:343)
771:  ... 7 common frames omitted
772:  [INFO] Updating CISA Known Exploited Vulnerability list: https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json
773:  [INFO] Begin database defrag
774:  [INFO] End database defrag (6671 ms)
775:  [WARN] Unable to update 1 or more Cached Web DataSource, using local data instead. Results may not include recent vulnerabilities.
776:  [ERROR] Unable to continue dependency-check analysis.
777:  [ERROR] One or more fatal errors occurred
778:  [ERROR] Error updating the NVD Data
779:  [ERROR] No documents exist
780:  ##[error]Process completed with exit code 13.
781:  ##[group]Run actions/upload-artifact@v7
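
The failure analysis above describes a scan that never ran, which is a different outcome from a scan that ran and reported findings. The following is an added example, not part of the PR or of any bot's comment: a triage function over the quoted log lines. The function name `triage` and the verdict labels are assumptions made for illustration.

```python
import re

# Constructed sample: a few lines taken from the CI log quoted above.
SAMPLE_LOG = """\
[INFO] Checking for updates
[INFO] NVD API has 342,130 records in this update
[WARN] NVD API request failures are occurring; retrying request for the 31st time
[ERROR] Error updating the NVD Data
Caused by: io.github.jeremylong.openvulnerability.client.nvd.NvdApiException: NVD Returned Status Code: 503
[WARN] Unable to update 1 or more Cached Web DataSource, using local data instead. Results may not include recent vulnerabilities.
[ERROR] Unable to continue dependency-check analysis.
[ERROR] No documents exist
##[error]Process completed with exit code 13.
"""

RETRY = re.compile(r"retrying request for the (\d+)(?:st|nd|rd|th) time")
STATUS = re.compile(r"NVD Returned Status Code: (\d{3})")
EXIT = re.compile(r"Process completed with exit code (\d+)")


def triage(log_text):
    """Summarise a Dependency-Check log and label the outcome (labels are hypothetical)."""
    result = {"max_retry": 0, "nvd_status": None, "exit_code": None,
              "update_failed": False, "analysis_aborted": False}
    for line in log_text.splitlines():
        # Drop the "757:  " style line-number prefix used in the quoted log.
        line = re.sub(r"^\d+:\s+", "", line)
        if m := RETRY.search(line):
            result["max_retry"] = max(result["max_retry"], int(m.group(1)))
        if m := STATUS.search(line):
            result["nvd_status"] = int(m.group(1))
        if m := EXIT.search(line):
            result["exit_code"] = int(m.group(1))
        if "Error updating the NVD Data" in line:
            result["update_failed"] = True
        if "Unable to continue dependency-check analysis" in line:
            result["analysis_aborted"] = True
    if result["analysis_aborted"] and result["update_failed"]:
        # The data update failed and no analysis ran: the new pins were not checked.
        result["verdict"] = "not-scanned"
    elif result["exit_code"] not in (None, 0):
        result["verdict"] = "review-findings"
    else:
        result["verdict"] = "no-error-found"
    return result
```

A `not-scanned` verdict means the check produced no evidence either way about the bumped packages, so the scan needs a re-run once the NVD API is reachable.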

JAVGan merged commit 715f98e into main on Jun 22, 2026 (20 of 22 checks passed)
JAVGan deleted the deps/pip-compile branch on June 22, 2026 17:08