🔒️Upgrade dependencies with security issues

[sanderegg]

What do these changes do?

as reported by https://github.com/ITISFoundation/osparc-simcore/security/dependabot

Here is a bunch of upgrades to fix High to Moderate problems.

• #packages before ~ 4
• #packages after ~ 4

#	name	before	after	upgrade	count	packages
1	flask-cors	5.0.1, 6.0.0	6.0.1		10	agent🧪 api-server🧪 autoscaling🧪 aws-library🧪 clusters-keeper🧪 dask-sidecar🧪 performance🧪 resource-usage-tracker🧪 simcore-sdk🧪 storage🧪
2	jinja2	3.1.2, 3.1.5	3.1.6		10	aws-library🧪 e2e-playwright🧪🧪 notifications-library🧪 service-integration🧪 simcore-sdk🧪 storage⬆️🧪 web⬆️🧪
3	requests	2.32.2, 2.32.3	2.32.4		53	agent⬆️🧪 api-server⬆️🧪 autoscaling⬆️🧪 aws-library🧪🧪 catalog⬆️🧪 celery-library🧪🧪 clusters-keeper⬆️🧪 dask-sidecar⬆️🧪 datcore-adapter⬆️🧪 director-v2⬆️🧪 director⬆️🧪 docker-api-proxy🧪 dynamic-scheduler⬆️🧪 dynamic-sidecar⬆️🧪 e2e-playwright🧪🧪 e2e🧪 helpers🧪 invitations⬆️ migration🧪 notifications-library🧪 notifications⬆️🧪 payments⬆️🧪 performance🧪 postgres-database🧪 public-api🧪 resource-usage-tracker⬆️🧪 service-integration🧪 service-library🧪🧪 simcore-sdk🧪🧪 storage⬆️🧪 swarm-deploy🧪 web⬆️🧪
4	urllib3	2.4.0, 2.2.3, 2.3.0	2.5.0	minor	58	agent⬆️🧪 api-server⬆️🧪 autoscaling⬆️🧪 aws-library🧪🧪 catalog⬆️🧪 celery-library🧪🧪 clusters-keeper⬆️🧪 dask-sidecar⬆️⬆️🧪 dask-task-models-library🧪 datcore-adapter⬆️🧪 director-v2⬆️🧪 director⬆️🧪 docker-api-proxy🧪 dynamic-scheduler⬆️🧪 dynamic-sidecar⬆️🧪 e2e-playwright🧪🧪 e2e🧪 helpers🧪 invitations⬆️ migration🧪 notifications-library🧪 notifications⬆️🧪 payments⬆️🧪 performance🧪 postgres-database🧪🧪 public-api🧪🧪 resource-usage-tracker⬆️🧪 service-integration🧪🧪 service-library🧪🧪 simcore-sdk🧪🧪 storage⬆️🧪 swarm-deploy🧪 web⬆️🧪

Legend:

• ⬆️ base dependency (only services because packages are floating)
• 🧪 test dependency
• 🔧 tool dependency

Related issue/s

How to test

Dev-ops

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[sanderegg]

@mergify queue

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 88.34%. Comparing base (6acc97b) to head (e51f092).
Report is 1 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #8091      +/-   ##
==========================================
+ Coverage   88.28%   88.34%   +0.06%     
==========================================
  Files        1866     1810      -56     
  Lines       71919    70651    -1268     
  Branches     1268     1170      -98     
==========================================
- Hits        63491    62417    -1074     
+ Misses       8061     7894     -167     
+ Partials      367      340      -27     

Flag	Coverage Δ
integrationtests	64.23% <ø> (-0.04%)	⬇️
unittests	86.93% <ø> (+0.04%)	⬆️

Components	Coverage Δ
pkg_aws_library	93.93% <ø> (ø)
pkg_celery_library	87.34% <ø> (ø)
pkg_dask_task_models_library	79.62% <ø> (ø)
pkg_models_library	93.24% <ø> (ø)
pkg_notifications_library	85.26% <ø> (ø)
pkg_postgres_database	88.22% <ø> (ø)
pkg_service_integration	70.17% <ø> (ø)
pkg_service_library	71.14% <ø> (-0.05%)	⬇️
pkg_settings_library	∅ <ø> (∅)
pkg_simcore_sdk	85.05% <ø> (ø)
agent	96.29% <ø> (ø)
api_server	92.84% <ø> (ø)
autoscaling	95.88% <ø> (ø)
catalog	92.58% <ø> (ø)
clusters_keeper	99.13% <ø> (ø)
dask_sidecar	92.35% <ø> (ø)
datcore_adapter	97.94% <ø> (ø)
director	76.86% <ø> (ø)
director_v2	90.96% <ø> (-0.10%)	⬇️
dynamic_scheduler	96.69% <ø> (ø)
dynamic_sidecar	90.09% <ø> (ø)
efs_guardian	89.65% <ø> (ø)
invitations	93.60% <ø> (ø)
payments	92.57% <ø> (ø)
resource_usage_tracker	92.63% <ø> (+0.10%)	⬆️
storage	86.80% <ø> (+0.04%)	⬆️
webclient	∅ <ø> (∅)
webserver	88.62% <ø> (+0.01%)	⬆️

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 6acc97b...e51f092. Read the comment docs.

🚀 New features to boost your workflow:

• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[mergify]

queue

✅ The pull request has been merged automatically

The pull request has been merged automatically at dbd3129