fix(snyk): remove [tool.poetry.dependencies] shim — it was causing the error

Backwards reasoning: at commit 51ed1f3 (NO [tool.poetry.dependencies])
snyk successfully parsed [project.dependencies] via its uv preview AND
reported the click@8.2.1 vuln. Snyk CAN read PEP 621 deps with preview
enabled; the parser was working.

When I added [tool.poetry.dependencies] alongside in commit 283154b,
snyk started erroring with "Failed to detect issues" — presumably
because two competing dep declarations (PEP 621 vs Poetry-style)
confuse the parser. The shim was the cause, not the fix.

Now that the click bump in commit 28405e6 already cleared the only
real vuln snyk had flagged, the simpler config (just [project], no
shim) should make snyk happy. Keeping a comment explaining why the
shim is deliberately absent so a future contributor doesn't re-add it.

Build verified (wheel + sdist), 293/293 tests pass.

Co-Authored-By: Claude <noreply@anthropic.com>

Author: bluet

pyproject.toml

@@ -68,47 +68,21 @@ dev = [
     "ruff>=0.15.12,<1.0.0",
 ]
 
-# [tool.poetry] block exists for two reasons:
+# Tells poetry-core which dirs ship in the wheel + sdist. Mirrors the prior
+# [tool.poetry] packages/include settings.
 #
-# 1. `packages` + `include` tell poetry-core (the build backend) which
-#    files to ship in the wheel + sdist.
-# 2. `[tool.poetry.dependencies]` is a snyk-compat shim. Snyk's GitHub PR
-#    app integration uses the legacy poetry parser even when the org has
-#    "uv preview" enabled (preview is CLI-only per docs:
-#    https://docs.snyk.io/supported-languages/supported-languages-list/python/cli-support-for-uv).
-#    Without [tool.poetry.dependencies] the scan fails with "pyproject.toml
-#    error Failed to detect issues" and never falls through to scan
-#    requirements.txt or uv.lock. Versions below MUST stay in sync with
-#    [project.dependencies] above.
-#
-# DO NOT run `poetry install/lock` against this file. If you `poetry add`
-# a dep it will write to [tool.poetry] only and silently drift from
-# [project]. uv reads [project.dependencies] (authoritative); this section
-# is read only by snyk. DELETE this whole [tool.poetry.dependencies]
-# section once snyk's PR app uses uv preview natively.
+# Note: deliberately keeping [tool.poetry.dependencies] OUT of this file.
+# At commit 51ed1f3 (no [tool.poetry.dependencies]) snyk successfully
+# parsed [project.dependencies] via its uv preview and reported a
+# vulnerability — proving snyk CAN read PEP 621 deps with preview enabled.
+# Adding [tool.poetry.dependencies] alongside [project.dependencies]
+# caused snyk to error with "Failed to detect issues" instead of using
+# either, presumably because two competing dep declarations confuse its
+# parser.
 [tool.poetry]
-# name/version/description/authors are required Poetry fields — without
-# them snyk's poetry parser rejects the [tool.poetry] block as invalid
-# and reports "pyproject.toml error Failed to detect issues". Mirror the
-# values from [project] above. poetry-core 2.x prefers [project] when
-# both are present, so this duplication doesn't affect builds.
-name = "proxybroker2"
-version = "2.0.0b3"
-description = "The New (auto rotate) Proxy [Finder | Checker | Server]. HTTP(S) & SOCKS."
-authors = ["BlueT - Matthew Lien - 練喆明 <bluet@bluet.org>", "Denis Constverum <constverum@gmail.com>"]
 packages = [{include = "proxybroker"}]
 include = ["proxybroker/data/*.mmdb"]
 
-[tool.poetry.dependencies]
-python = "^3.10"
-aiohttp = "^3.13.5"
-aiodns = "^3.6.1"
-attrs = ">=26.1.0,<27.0.0"
-maxminddb = "^2.8.2"
-cachetools = "^5.5.2"
-click = "^8.3.3"
-pyyaml = "^6.0.3"
-
 [build-system]
 requires = ["poetry-core>=2.1.3"]
 build-backend = "poetry.core.masonry.api"