Sage-Bionetworks / sage-monorepo

Where OpenChallenges, Schematic, and other Sage open source apps are built
https://sage-bionetworks.github.io/sage-monorepo/
Apache License 2.0

fix: updated packages to avoid security risks #2666

Closed linglp closed 1 month ago

linglp commented 1 month ago

Context

Related to: https://sagebionetworks.jira.com/browse/FDS-1966 Updated packages to avoid security issues.

Important note

Even though it seems like connexion 2.14.1 could support flask versions up until 3.XX:

po/apps/schematic/api$ poetry show connexion
 name         : connexion                                                         
 version      : 2.14.1                                                            
 description  : Connexion - API first applications with OpenAPI/Swagger and Flask 

dependencies
 - clickclick >=1.2,<21
 - flask >=1.0.4,<3
 - inflection >=0.3.1,<0.6
 - itsdangerous >=0.24
 - jsonschema >=2.5.1,<5
 - packaging >=20
 - PyYAML >=5.1,<7
 - requests >=2.9.1,<3
 - swagger-ui-bundle >=0.0.2,<0.1
 - werkzeug >=1.0,<3

In reality, importing connexion with flask 2.3 or above triggers the error below:

============================================== ERRORS ==============================================
__________________________________ ERROR collecting test session ___________________________________
/home/vscode/.pyenv/versions/3.10.14/lib/python3.10/importlib/__init__.py:126: in import_module
    return _bootstrap._gcd_import(name[level:], package, level)
<frozen importlib._bootstrap>:1050: in _gcd_import
    ???
<frozen importlib._bootstrap>:1027: in _find_and_load
    ???
<frozen importlib._bootstrap>:992: in _find_and_load_unlocked
    ???
<frozen importlib._bootstrap>:241: in _call_with_frames_removed
    ???
<frozen importlib._bootstrap>:1050: in _gcd_import
    ???
<frozen importlib._bootstrap>:1027: in _find_and_load
    ???
<frozen importlib._bootstrap>:1006: in _find_and_load_unlocked
    ???
<frozen importlib._bootstrap>:688: in _load_unlocked
    ???
<frozen importlib._bootstrap_external>:883: in exec_module
    ???
<frozen importlib._bootstrap>:241: in _call_with_frames_removed
    ???
schematic_api/test/__init__.py:3: in <module>
    import connexion
.venv/lib/python3.10/site-packages/connexion/__init__.py:32: in <module>
    from .apps.flask_app import FlaskApp
.venv/lib/python3.10/site-packages/connexion/apps/flask_app.py:151: in <module>
    class FlaskJSONEncoder(json.JSONEncoder):
E   AttributeError: module 'flask.json' has no attribute 'JSONEncoder'

Some security risks might be resolved after updating connexion to 3.0.0, but I decided not to update connexion in this PR since it will involve resolving breaking changes in the code (see details in ticket: https://sagebionetworks.jira.com/browse/FDS-2045).

For other packages, cryptography is showing as 42.0.5 and werkzeug is showing as 2.3.8.
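The description above makes a point worth automating when bumping dependencies for security fixes: a package's declared ranges (connexion 2.14.1 says `flask >=1.0.4,<3`) can be looser than what actually works at import time (Flask 2.3 removed `flask.json.JSONEncoder`, which connexion 2.x imports at module load). The script below is an added example, not code from the PR or the sage-monorepo project. It parses the `poetry show connexion` dependency block quoted above, checks a candidate set of versions against those declared ranges, and then checks the one undeclared incompatibility the PR describes. The candidate version sets and the `KNOWN_INCOMPATIBILITIES` table are constructed for illustration; the version-range parser only handles the comparison operators that appear in `poetry show` output.

```python
"""Check candidate package versions against declared constraints, then
against runtime incompatibilities the declared metadata does not capture.
Added example; not part of the sage-monorepo PR."""
import re
from typing import Dict, List, Tuple

Version = Tuple[int, ...]

# `poetry show connexion` dependency block for connexion 2.14.1 (from the PR).
POETRY_SHOW_OUTPUT = """\
dependencies
 - clickclick >=1.2,<21
 - flask >=1.0.4,<3
 - inflection >=0.3.1,<0.6
 - itsdangerous >=0.24
 - jsonschema >=2.5.1,<5
 - packaging >=20
 - PyYAML >=5.1,<7
 - requests >=2.9.1,<3
 - swagger-ui-bundle >=0.0.2,<0.1
 - werkzeug >=1.0,<3
"""

# Constructed table of pairings the declared ranges do not rule out.
# (package, package range, dependency, dependency range, reason)
KNOWN_INCOMPATIBILITIES = [
    ("connexion", "<3", "flask", ">=2.3",
     "connexion 2.x imports flask.json.JSONEncoder, removed in Flask 2.3"),
]


def parse_version(text: str) -> Version:
    """'2.3.8' -> (2, 3, 8). Only plain dotted numeric versions are handled."""
    return tuple(int(part) for part in text.strip().split("."))


def _pad(a: Version, b: Version) -> Tuple[Version, Version]:
    """Right-pad both tuples with zeros so (3,) compares equal to (3, 0, 0)."""
    width = max(len(a), len(b))
    return a + (0,) * (width - len(a)), b + (0,) * (width - len(b))


def satisfies(version: str, specifier: str) -> bool:
    """True if `version` meets every comma-separated clause in `specifier`,
    e.g. '>=1.0.4,<3'. Supports ==, !=, >=, <=, >, < only."""
    ops = {
        "==": lambda a, b: a == b, "!=": lambda a, b: a != b,
        ">=": lambda a, b: a >= b, "<=": lambda a, b: a <= b,
        ">": lambda a, b: a > b, "<": lambda a, b: a < b,
    }
    actual = parse_version(version)
    for clause in specifier.split(","):
        match = re.fullmatch(r"\s*(>=|<=|==|!=|>|<)\s*([0-9.]+)\s*", clause)
        if not match:
            raise ValueError(f"unsupported specifier clause: {clause!r}")
        op, bound = match.groups()
        a, b = _pad(actual, parse_version(bound))
        if not ops[op](a, b):
            return False
    return True


def parse_poetry_dependencies(text: str) -> Dict[str, str]:
    """Extract {package: specifier} from the 'dependencies' section of
    `poetry show <pkg>` output. Names are lower-cased for lookup."""
    deps: Dict[str, str] = {}
    in_section = False
    for line in text.splitlines():
        if line.strip() == "dependencies":
            in_section = True
            continue
        if in_section and line.lstrip().startswith("- "):
            name, spec = line.lstrip()[2:].split(None, 1)
            deps[name.lower()] = spec.strip()
    return deps


def check_resolution(candidate: Dict[str, str],
                     declared: Dict[str, str]) -> List[str]:
    """One message per problem: a candidate version outside its declared
    range, or a pairing listed in KNOWN_INCOMPATIBILITIES."""
    candidate = {name.lower(): ver for name, ver in candidate.items()}
    problems: List[str] = []
    for name, version in candidate.items():
        spec = declared.get(name)
        if spec is not None and not satisfies(version, spec):
            problems.append(f"{name} {version} violates declared {spec}")
    for pkg, pkg_spec, dep, dep_spec, why in KNOWN_INCOMPATIBILITIES:
        if (pkg in candidate and dep in candidate
                and satisfies(candidate[pkg], pkg_spec)
                and satisfies(candidate[dep], dep_spec)):
            problems.append(
                f"{pkg} {candidate[pkg]} with {dep} {candidate[dep]}: {why}")
    return problems


if __name__ == "__main__":
    declared = parse_poetry_dependencies(POETRY_SHOW_OUTPUT)
    # Constructed candidates: werkzeug at the version the PR reports, flask
    # either held below 2.3 or bumped to 2.3 (which the metadata allows).
    held = {"connexion": "2.14.1", "flask": "2.2.5", "werkzeug": "2.3.8"}
    bumped = {"connexion": "2.14.1", "flask": "2.3.3", "werkzeug": "2.3.8"}
    for label, cand in (("held", held), ("bumped", bumped)):
        print(label, check_resolution(cand, declared) or "no problems")
```

The second pass is the one that matters here: `bumped` passes every declared range and would be accepted by a resolver, yet `check_resolution` still reports it, which is exactly the situation the traceback in the PR shows. Keeping a small table of such known-bad pairings next to the lockfile lets a security bump be verified before the test suite has to discover it.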

sonarcloud[bot] commented 1 month ago

Quality Gate passed for 'schematic-api'

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication
