build(deps)(deps): bump temporalio from 1.5.0 to 1.19.0 in /apps/guard-api

[dependabot]

Bumps temporalio from 1.5.0 to 1.19.0.

Release notes

Sourced from temporalio's releases.

1.19.0

Sandbox Importing Changes

Modules imported after workflows have been loaded into the sandbox now produce a warning message by default. See the Import Notification Policy docs for more info and customization options.

OpenAI Agents Changes

• Add new upper bound of version 0.5.0 for openai-agents

Breaking Changes

• Python 3.9 support has been removed now that it has reached end of life status.
• Plugin interfaces have been updated to use invocation provided callables instead of initializers.
• MCPServerProviders now require a name argument.
• TestModel and TestModelProvider have been moved from temporalio.contrib.openai_agents to temporalio.contrib.openai_agents.test

Specific Changes

2025-09-30 - 4a70f3d - Update version to 1.18.1 (#1135) 2025-10-01 - a31886d - Serialization context (#1102) 2025-10-02 - 4f08626 - Use type in start/execute activity/workflow to address Pyright Strict mode error (#1137) 2025-10-06 - 26e2e61 - Generate RPC calls in Bridge Client (#1123) 2025-10-06 - 5ca4861 - Provide option to disable activity registration (#1140) 2025-10-07 - 42fe382 - Flaky session test (#1141) 2025-10-07 - 5e93e63 - 💥 Plugin Overhaul (#1139) 2025-10-07 - d27bb11 - Move visitor, bridge client generation, and formatting to poe tasks (#1142) 2025-10-07 - e4df5e7 - Add googleapis-common-protos to fix tests in build-binaries workflow (#1143) 2025-10-09 - cde3427 - Use macOS 15 intel runners (#1148) 2025-10-14 - 162cff7 - 💥 Allow arguments to be provided to MCP Server creation (#1147) 2025-10-14 - 70deb94 - Replace Proto modules with the python path (#1156) 2025-10-14 - 788d391 - Remove experimental notices for worker tuners (#1152) 2025-10-16 - 2ad41ab - Replace tctl references with Temporal CLI (#1165) 2025-10-16 - 2efd9a7 - Add start_update_with_start_workflow to Otel Interceptor (#1150) 2025-10-20 - 4fe685a - Allow h2 error message (#1170) 2025-10-20 - 778fc9a - Support python 3.14 and deprecate python 3.9 (#885) 2025-10-20 - f03ddc2 - Add programming language classifiers to fix badge on next publish (#1151) 2025-10-22 - 5994a45 - Avoid token detaching from different context (#1153) 2025-10-22 - c8cbfe0 - Modify code comment for Worker build_id field #1160 (#1163) 2025-10-24 - 7f794d0 - Update license in pyproject.toml (#1175) 2025-10-24 - 988b12c - Allow openai 0.4, update lock to use it (#1182) 2025-10-25 - 27903f7 - Add nightly throughput stress (#1173) 2025-10-27 - 231cc67 - Adds proper failure decoding in workflow activation (#1192) 2025-10-27 - 630a031 - Match openai logic to retry on >= 500 not == 500 (#1181) 2025-10-27 - 8f754b4 - Opentelemetry baggage propagation fix (#1174) 2025-10-27 - ba3d50f - Add a test for split worker scenario (#1193) 2025-10-27 - e39e8f2 - Add option to run models as local activities (#1183) 2025-10-28 - 0eb96eb - Sandbox importing (#1187) 2025-10-28 - c3448cc - Skip flaky test on versions with importer bug (#1195) 2025-10-29 - 1b70f07 - Tps nightly small improvements (#1200)

... (truncated)

Commits

• 11e8650 Update version to 1.19.0 for release (#1214)
• e543e8a fix: typed search contains should work for falsy values (#1206)
• 4156856 fix: typo in time sandboxed utilities (#1205)
• 35347b9 Fix: Resolve TypeError in value_to_type on Python 3.13 (issue #1188) (#1189)
• 660ac2b VLN-492: Set explicit permissions for GitHub Actions workflows (#1199)
• 5f24792 💥 Expose agent testing utils (#1164)
• a08250a refactor: use classmethod in factory methods (#1179)
• 1b70f07 Tps nightly small improvements (#1200)
• 0eb96eb Sandbox importing (#1187)
• c3448cc Skip flaky test on versions with importer bug (#1195)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #71.