April package updates

[barna-isaac]

Updates API dependencies, resolving all high, and leaving only medium vulnerabilities.

• Github dependency report: 4 -> 0. Resolves 4 medium vulnerabilities, by updating bouncycastle, log4j.
• IntelliJ dependency report (excluding dev dependencies with the provided scope): 22 (including 3 high) -> 11 (all medium). The high vulnerabilities are in the Netty http client. I've modified our azure openai installation so we use java's built-in HTTP client instead of Netty.
• also performed trivial (non-major) version upgrades that did not fix a vulnerability (obtained by runnin mvn versions:display-dependency-updates)
• IntelliJ still highlights a medium dependency in pom.xml. This is a major version upgrade (5 -> 7) for JGit. Did not perform this, since the vulnerability is only a 4.3 and is not exploitable through the API.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 40.13%. Comparing base (e0e5c4d) to head (25f631b).
⚠️ Report is 19 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #776      +/-   ##
==========================================
+ Coverage   40.11%   40.13%   +0.01%     
==========================================
  Files         547      546       -1     
  Lines       23868    23797      -71     
  Branches     2899     2900       +1     
==========================================
- Hits         9574     9550      -24     
+ Misses      13382    13335      -47     
  Partials      912      912              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.