Bump poetry to 2.3.4 to fix GHSA-73h3-mf4w-8647

2.3.3 only fixed the high severity CVE; 2.3.4 also fixes the low
severity tar extraction path traversal.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>

Author: kbukum1

uv/helpers/requirements.txt

@@ -4,7 +4,7 @@ flake8==7.3.0
 hashin==1.0.5
 pipenv==2024.4.1
 plette==2.2.1
-poetry==2.3.3
+poetry==2.3.4
 # TODO: Replace 3p package `tomli` with 3.11's new stdlib `tomllib` once we drop support for Python 3.10.
 tomli==2.4.1
 uv==0.11.8