chore(deps): lock file maintenance

[renovate]

This PR contains the following updates:

Update	Change
lockFileMaintenance	All locks refreshed

🔧 This Pull Request updates lock files to use the latest dependency versions.

---

Configuration

📅 Schedule: Branch creation - "before 5am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[claude]

Pull Request Review: Lock File Maintenance

This PR updates dependency lock files with patch/minor version bumps for various packages. Here is my analysis:

Key Updates

Critical updates:

• Django 6.0 to 6.0.1: Patch release that likely includes security/bug fixes
• urllib3 2.6.2 to 2.6.3: HTTP client security/stability update

Notable dependency updates:

• anyio: 4.12.0 to 4.12.1
• django-cotton: 2.6.0 to 2.6.1
• django-dbbackup: 5.1.0 to 5.1.1
• django-loginas: 0.3.13 to 0.3.14
• djangorestframework-stubs: 3.16.6 to 3.16.7
• faker: 40.1.0 to 40.1.2
• ipython: 9.8.0 to 9.9.0
• jupyter-client: 8.7.0 to 8.8.0
• numpy: 2.4.0 to 2.4.1

Assessment

Code Quality and Best Practices:

• Automated dependency management via Renovate is properly configured
• Both main project and radis-client locks updated together
• All updates are patch/minor versions with low breaking change risk

Security:

• Django 6.0.1: Patch releases often address security issues - this is a priority update
• urllib3 2.6.3: HTTP client updates typically include security improvements
• No known CVEs in the updated versions

Considerations:

1. Django 6.0.1: Recommend reviewing the release notes for any behavioral changes
2. numpy 2.4.1: Extensive platform wheel updates included - monitor for numerical computation issues
3. Test coverage: CI should validate all tests pass, especially for report search functionality, Django ORM operations, API endpoints, and background workers

Performance:

• Minimal impact expected as patch releases focus on bugs, not features
• numpy updates may include performance improvements

Recommendations

Before merge:

1. Ensure all CI checks pass
2. Verify no test failures

After merge:

1. Monitor application logs for unexpected behavior
2. Pay attention to search functionality and background job processing
3. If issues arise, versions can be pinned in pyproject.toml

Verdict

APPROVE - Routine maintenance with security-focused updates. The automated approach with automerge enabled suggests robust test coverage. This follows best practices for dependency management in the RADIS project.

---

Review performed by Claude Code following RADIS project guidelines from CLAUDE.md