build(deps): consolidate dependabot updates

[hbrodin]

Summary

Consolidates all outstanding Dependabot dependency updates into a single PR for easier review and merge.

Updates included:

Package	Component	Version Change	Notes
langgraph-checkpoint	patcher	2.1.1 → 3.0.1	Major version - drops Python 3.9 support (project uses 3.12+)
langgraph-checkpoint	seed-gen	2.1.0 → 3.0.1	Same as above
langgraph	patcher, seed-gen	0.6.6 → 0.6.11	Transitive update
marshmallow	patcher	3.26.1 → 3.26.2	Security fix (CVE-2025-68480)
mcp	patcher, program-model	1.13.0 → 1.26.0	Minor version update
starlette	patcher, program-model	0.47.2 → 0.52.1	Security fix for Range header parsing vulnerability

Safety assessment:

• ✅ All updates are safe - no breaking API changes for our usage
• ✅ langgraph-checkpoint 3.0 mainly drops Python 3.9 (we use 3.12+)
• ✅ starlette and marshmallow updates are security fixes
• ✅ All component tests pass with updated dependencies

Closes Dependabot PRs:

• build(deps): bump langgraph-checkpoint from 2.1.0 to 3.0.0 in /seed-gen #430 - langgraph-checkpoint in seed-gen
• build(deps): bump mcp from 1.13.0 to 1.23.0 in /program-model #433 - mcp in program-model
• build(deps): bump starlette from 0.47.2 to 0.49.1 in /program-model #434 - starlette in program-model
• build(deps): bump starlette from 0.47.2 to 0.49.1 in /patcher #443 - starlette in patcher
• build(deps): bump mcp from 1.13.0 to 1.23.0 in /patcher #444 - mcp in patcher
• build(deps): bump marshmallow from 3.26.1 to 3.26.2 in /patcher #445 - marshmallow in patcher
• build(deps): bump langgraph-checkpoint from 2.1.1 to 3.0.0 in /patcher #446 - langgraph-checkpoint in patcher

Test plan

• Verified imports work for all updated packages
• Ran patcher tests (55 passed, 1 skipped)
• Ran program-model tests (29 passed, 104 skipped)
• Ran seed-gen tests (16 passed, 1 skipped)

🤖 Generated with Claude Code