
chore(licenses): Updated 3rd party license details#84

Merged
SandyChapman merged 1 commit into
mainfrom
schapman/update-licenses
May 28, 2026

Conversation

@SandyChapman
Contributor

@SandyChapman SandyChapman commented May 28, 2026

  • Regenerated 3rd party license details using make update-licenses

Summary by CodeRabbit

  • Chores
    • Updated nvidia-nat packages from release candidate (1.7.0rc3) to stable release (1.7.0).
    • Upgraded sqlfluff dependency from 3.4.0 to 4.1.0.
    • Updated third-party vulnerability and license metadata, including revisions to reported vulnerability entries and affected version ranges.

Review Change Stack

@SandyChapman SandyChapman requested review from a team as code owners May 28, 2026 13:38
Signed-off-by: Sandy Chapman <schapman@nvidia.com>
@SandyChapman SandyChapman force-pushed the schapman/update-licenses branch from bd872b0 to 65d3085 Compare May 28, 2026 13:39
@github-actions
Contributor

github-actions Bot commented May 28, 2026

Suite Lines Covered Line Rate Branch Rate
Unit Tests 18241/24191 75.4% 61.8%
Integration Tests 11664/22973 50.8% 25.9%

@coderabbitai

coderabbitai Bot commented May 28, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 880e3252-b72e-4f67-a8ba-4a2bdf5900a2

📥 Commits

Reviewing files that changed from the base of the PR and between bd872b0 and 65d3085.

📒 Files selected for processing (2)
  • third_party/osv-licenses.json
  • third_party/requirements-main.txt
🚧 Files skipped from review as they are similar to previous changes (2)
  • third_party/osv-licenses.json
  • third_party/requirements-main.txt

📝 Walkthrough

Walkthrough

This PR updates third-party dependency pins and OSV license/vulnerability metadata: stabilizes six nvidia-nat packages to 1.7.0, upgrades sqlfluff to 4.1.0 and trims its OSV groups, rewrites a starlette vulnerability entry, and tweaks # via comment metadata in requirements.

Changes

Dependency and OSV License Updates

  • nvidia-nat packages stabilization (1.7.0rc3 → 1.7.0)
    Files: third_party/osv-licenses.json, third_party/requirements-main.txt
    Six nvidia-nat-* packages moved from 1.7.0rc3 to 1.7.0 in OSV JSON and requirements, with updated hashes and # via comments.
  • sqlfluff upgrade to 4.1.0 with vulnerability cleanup
    Files: third_party/osv-licenses.json, third_party/requirements-main.txt
    sqlfluff bumped from 3.4.0 to 4.1.0 in both files; OSV groups reduced to only GHSA-73jc-5mrq-prw7.
  • starlette vulnerability data update (PYSEC-2026-161)
    Files: third_party/osv-licenses.json
    Rewrote the starlette OSV vulnerability block: updated affected versions, database_specific.source, references, and set groups.max_severity to an empty string.
  • Dependency source comment adjustments
    Files: third_party/requirements-main.txt
    Edited # via metadata for several deps (botocore, dataclasses-json, langchain-aws, etc.) to add/remove provider/plugin sources.
🚥 Pre-merge checks | ✅ 5
✅ Passed checks (5 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed Title accurately describes the main change: updating third-party license details and dependency versions across osv-licenses.json and requirements-main.txt.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check ✅ Passed Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check ✅ Passed Check skipped because no linked issues were found for this pull request.



@coderabbitai coderabbitai Bot left a comment


Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)
third_party/osv-licenses.json (1)

3245-3281: ⚠️ Potential issue | 🟠 Major | ⚡ Quick win

Update sqlfluff to the patched version in third_party/osv-licenses.json

third_party/osv-licenses.json pins sqlfluff to 4.1.0 (around line 3245), but GHSA-73jc-5mrq-prw7 lists the fixed version as 4.2.0 (around line 3280). Bump sqlfluff to >=4.2.0 and regenerate third_party/osv-licenses.json.

🤖 Prompt for AI Agents
Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In `@third_party/osv-licenses.json` around lines 3245 - 3281, Update the sqlfluff
entry in third_party/osv-licenses.json so the affected package "sqlfluff" / purl
"pkg:pypi/sqlfluff" reflects the patched version (change the pinned version
"4.1.0" to ">=4.2.0" or the explicit "4.2.0") and adjust the vulnerability range
for GHSA-73jc-5mrq-prw7 to show "fixed": "4.2.0"; after that, regenerate the
OSV/licenses JSON (or re-run the exporter/lockfile tool you use) so the file is
consistent with the updated package version and ranges.

ℹ️ Review info
⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Enterprise

Run ID: 0bb31ef8-5243-4a72-957e-48bc4cdabfd6

📥 Commits

Reviewing files that changed from the base of the PR and between 252b42d and bd872b0.

📒 Files selected for processing (2)
  • third_party/osv-licenses.json
  • third_party/requirements-main.txt

@SandyChapman SandyChapman enabled auto-merge May 28, 2026 13:46
@coderabbitai

coderabbitai Bot commented May 28, 2026

Actionable comments posted: 0

@SandyChapman SandyChapman added this pull request to the merge queue May 28, 2026
Merged via the queue into main with commit 0157981 May 28, 2026
16 checks passed
aray12 pushed a commit that referenced this pull request May 28, 2026
Signed-off-by: Sandy Chapman <schapman@nvidia.com>
Signed-off-by: Alex Ray <alray@nvidia.com>