chore: bump hedera-guardian-ai-toolkit deps

[Pyatakov]

Description

Consolidates 34 open Dependabot dependency bumps against hedera-guardian-ai-toolkit and its five sub-packages into a single change. All poetry.lock files were refreshed via poetry update against the existing pyproject constraints, with three constraint widenings to let pytest reach 9.0.3.

Direct constraint changes

• packages/document_ingestion_worker/pyproject.toml: pytest = "^7.4.0" → "^9.0.0"
• packages/vector_store/pyproject.toml: pytest = "^8.0.0" → "^9.0.0"
• packages/policy_schema_builder/pyproject.toml: pytest = "^8.0.0" → "^9.0.0"
• fastmcp is intentionally held at 2.14.5 in both the root and hedera_guardian_mcp_server; its 2 → 3 major upgrade is left for a dedicated migration PR.

Resolved target deps in the lockfiles (at or above the version each Dependabot PR requested)

• pyjwt 2.12.1, requests 2.34.0, pygments 2.20.0, cryptography 48.0.0, pytest 9.0.3, langsmith 0.8.3, authlib 1.7.2, python-dotenv 1.2.2, lxml 6.1.0, python-multipart 0.0.28, urllib3 2.7.0

Test snapshot update

• tests/hedera_guardian_mcp_server/unit/test_mcp_server_endpoints.py — pydantic 2.13's JSON schema generator now emits the wrapper class docstring, so the inline snapshot in test_list_tools gains two "description": "Generic wrapper for non-object return types." entries and one block-string reformat.

Supersedes (close after merge): #5845, #5846, #5888, #5890, #5891, #5892, #5914, #5920, #5921, #5922, #5930, #5931, #5940, #5947, #5948, #5949, #5950, #5965, #5966, #5970, #5972, #5981, #5982, #5984, #5985, #5986, #5989, #6041, #6042, #6055, #6056, #6057, #6058, #6059. fastmcp PR #5916 is deliberately excluded.

[github-actions]

Test Results

 32 files  ±0   64 suites  ±0   8m 29s ⏱️ -11s
 35 tests ±0   35 ✅ ±0  0 💤 ±0  0 ❌ ±0 
165 runs  ±0  165 ✅ ±0  0 💤 ±0  0 ❌ ±0 

Results for commit 0abfa06. ± Comparison against base commit 4975229.

♻️ This comment has been updated with latest results.