ROB-3755 - Update development dependencies to latest versions (#2054)

* fix(security): patch tornado, black, and Pillow CVEs

Bump tornado to ^6.5.5 (CVE-2026-31958 / GHSA-78cv-mqj4-43f7,
CVE-2026-35536), black to 26.3.1 (CVE-2026-32274), and Pillow to
^12.2.0 (CVE-2026-40192) to address vulnerabilities in dev/docs
dependencies.

* chore: regenerate poetry.lock with poetry 1.8.5 format

The previous commit was locked with poetry 2.3.3 (lock-version 2.1),
which fails the pre-commit poetry-lock hook pinned to poetry 1.8.5.
Re-generate the lockfile in the 2.0 format expected by the hook.

---------

Co-authored-by: Claude <noreply@anthropic.com>

Author: naomi-robusta