fix: update vulnerable dependencies

[seonghobae]

Summary

• Bundles fork Dependabot security remediations into one reviewable dependency PR.
• Updates locked packages covering the open fork alerts across LiteLLM, requests, pytest, python-multipart, GitPython, lxml, nltk, pillow, Pygments, aiohttp, cryptography, anthropic, pypdf, and fastapi-sso.
• Adds lower-bound uv overrides so LiteLLM proxy exact pins cannot downgrade security-sensitive transitive packages.
• Uses polars[rtcompat] so Polars imports on CPUs without AVX features.

Fork Dependabot alert scope

• Before this branch, the fork reported open Dependabot alerts: critical 2, high 11, medium 22, low 8.
• Current lockfile versions on this branch are at or above patched versions for all patchable alerts queried from Seongho-Bae/strix.
• Alerts remain open until this dependency set lands on a default branch; merging the fork PR itself is not the goal.

Upstream delivery

• Upstream PR: fix: update vulnerable dependencies usestrix/strix#479
• This fork PR is the review surface where we have permissions; the upstream PR is the deliverable back to usestrix/strix.

Verification

• uv lock --check
• uv sync --locked --all-extras --dev
• uv run python -c "import litellm, requests, pytest, multipart, fastapi, openai, starlette, uvicorn, polars, jwt, importlib_metadata; print('dependency smoke ok')"
• uv run --with pip-audit pip-audit --progress-spinner off (No known vulnerabilities found)
• uv run pytest (110 passed)
• uv run bandit -r strix/ -c pyproject.toml (No issues identified)
• git diff --check
• PYTHONPATH="${OPENCODE_HOME:-$HOME/.config/opencode}" python3 -m scripts.lint_by_filetype --json

Review notes

• Local subagent review: PASS, no blocking findings.
• Greptile feedback on the upstream PR was addressed; current upstream Greptile check passes on bd0d80e.
• Do not merge this fork PR for release purposes. Use it for review evidence, then land upstream PR fix: update vulnerable dependencies usestrix/strix#479.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: ed35a892-82f7-42ed-a228-af45f8eaf92f

📥 Commits

Reviewing files that changed from the base of the PR and between bd0d80e and d53dfab.

⛔ Files ignored due to path filters (1)

• uv.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• pyproject.toml

🚧 Files skipped from review as they are similar to previous changes (1)

• pyproject.toml

---

📝 Walkthrough

Summary by CodeRabbit

릴리즈 노트

• Chores
  • 핵심 런타임 및 라이브러리 의존성을 상향 조정하여 최신 호환성을 확보했습니다.
  • 샌드박스 실행 환경 관련 패키지에 최소 버전 요구사항을 추가했습니다.
  • 테스트/개발 도구의 버전을 업데이트하여 테스트 안정성과 개발 편의성을 개선했습니다.
  • 런타임 의존성 충돌을 방지하기 위한 상위 의존성 오버라이드를 도입했습니다.

둘러보기

이 PR은 pyproject.toml을 업데이트하여 주 프로젝트 의존성(litellm[proxy], requests)을 상향 조정하고, sandbox 선택적 의존성을 최소 버전으로 고정하며, pytest 개발 의존성을 상향하고, [tool.uv] 오버라이드를 추가합니다.

변경 사항

의존성 관리

레이어 / 파일	요약
주 의존성 pyproject.toml	litellm[proxy]를 >=1.83.14,<1.84.0으로, requests를 >=2.33.0으로 업데이트합니다.
선택적(sandbox) 의존성 pyproject.toml	fastapi를 >=0.135.1, uvicorn을 >=0.42.0으로 지정합니다.
개발 의존성 pyproject.toml	pytest를 >=9.0.3으로 상향 조정합니다.
도구 구성 pyproject.toml	새 [tool.uv] 섹션을 추가하여 azure-identity, fastapi, huggingface-hub, openai, starlette, uvicorn 등 여러 패키지의 최소 버전을 오버라이드합니다.

추정 코드 검토 노력

🎯 2 (간단함) | ⏱️ ~8분

시

🐰 의존성의 숲을 헤치며,
새로운 버전으로 길을 밝히고,
uv의 손길로 다듬어지니,
패키지는 안정적으로 춤을 춘다.
우리의 프로젝트, 더욱 견고하네! ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	제목은 취약한 의존성 업데이트라는 주요 변경 사항을 명확하게 요약하며, changeset의 핵심 목적과 직접 관련되어 있습니다.
Description check	✅ Passed	설명은 Dependabot 보안 수정, 의존성 업데이트, 검증 절차 등 changeset의 여러 측면과 명확하게 관련되어 있습니다.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/dependabot-security-updates

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@pyproject.toml`:
- Around line 85-99: The override in [tool.uv].override-dependencies only
affects uv's resolver and doesn't change the published PEP 621 metadata, so add
the same minimum version constraints to the package's declared dependencies in
the pyproject.toml project metadata (the project.dependencies /
project.optional-dependencies entries) for fastapi and uvicorn so pip installs
respect them; specifically update the project dependency entries for "fastapi"
to fastapi>=0.135.1 and for "uvicorn" to uvicorn>=0.42.0 so installs like pip
install strix-agent[sandbox] cannot bypass the security lower bounds.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 39377dcf-b5b5-4ceb-b0c4-a456a379332d

📥 Commits

Reviewing files that changed from the base of the PR and between 6b9bd4d and bd0d80e.

⛔ Files ignored due to path filters (1)

• uv.lock is excluded by !**/*.lock

📒 Files selected for processing (1)

• pyproject.toml

[greptile-apps]

Greptile Summary

• Bundles security remediations for 13+ packages (litellm[proxy] 1.83.14, requests 2.33.0, cryptography 46.0.7, aiohttp 3.13.4, gitpython 3.1.50, etc.) plus a new [tool.uv] override-dependencies block to prevent transitive downgrades on future re-locks.
• Two new transitive packages appear in the lockfile: polars-runtime-compat (from the polars[rtcompat] extra, enabling non-AVX CPU support) and restrictedpython 8.1 (pulled in by litellm[proxy]'s sandbox feature).
• click and typer are downgraded as a side-effect of litellm 1.83.14's dependency graph (click 8.3.1→8.1.8, typer 0.24.1→0.23.1); cryptography was patched but is missing a corresponding lower-bound override.

Confidence Score: 5/5

Safe to merge — all security bumps are in place, tests pass, and the only findings are P2 suggestions about missing override floors.

All P2 findings: one suggestion to add a cryptography lower-bound override, plus pre-existing notes on the click/typer downgrade and restrictedpython addition. No P0 or P1 issues. The PR description reports clean pip-audit, bandit, and 110-passing test runs.

pyproject.toml — review the override-dependencies block for any missing security-patched packages (cryptography, aiohttp, etc.).

Important Files Changed

Filename	Overview
pyproject.toml	Bumps litellm[proxy] to 1.83.14, requests to 2.33.0, pytest to 9.0.3, fastapi/uvicorn floors, and introduces a new [tool.uv] override-dependencies block to lock transitive security-patched packages; cryptography is upgraded in the lockfile but absent from the overrides list.
uv.lock	Large lockfile refresh reflecting all security bumps (aiohttp 3.13.4, cryptography 46.0.7, gitpython 3.1.50, anthropic 0.100.0, requests 2.33.1, etc.); adds two new packages — polars-runtime-compat (from polars[rtcompat] extra) and restrictedpython 8.1 (pulled in by litellm[proxy]); click downgraded 8.3.1→8.1.8 as a litellm transitive side-effect.

_{Reviews (2): Last reviewed commit: "fix: enforce sandbox dependency floors" | Re-trigger Greptile}