[pre-commit.ci] pre-commit autoupdate

.github/workflows/static_code_checks.yaml

@@ -51,10 +51,15 @@ jobs:
           # flwr (flower) requires cryptography<45.0.0, blocking the upgrade.
           # CVE-2026-1839 is a vulnerability in HF transformers, but they've messed up their typing in 5+ so we're
           # deferring this.
+          # PYSEC-2025-217 is a transformers vulnerability without a fix yet.
+          # PYSEC-2026-73 is a keras vulnerability fixed in 3.13, but this requires upgrade the python version, which
+          # we will defer for now.
           ignore-vulns: |
             CVE-2026-26007
             CVE-2026-34073
             CVE-2026-1839
+            PYSEC-2025-217
+            PYSEC-2026-73
 
 
       # Deleting some temporary files and useless folders to free up space

.pre-commit-config.yaml

@@ -1,6 +1,6 @@
 repos:
   - repo: https://github.com/astral-sh/uv-pre-commit
-    rev: 0.11.14
+    rev: 0.11.16
     hooks:
       - id: uv-lock
 
@@ -26,7 +26,7 @@ repos:
       - id: check-toml
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: 'v0.15.13'
+    rev: 'v0.15.14'
     hooks:
     - id: ruff-check
       args: [--fix, --exit-non-zero-on-fix]

pyproject.toml

@@ -20,7 +20,7 @@ dependencies = [
     "flwr>=1.18.0,<1.19.0",
     "opacus>=1.3.0,<2.0.0",
     "torch>=2.6.0",
-    "pyarrow>=17.0.0,<18.0.0",  # Pin as there is potential ACE with v0.14.2 that is resolved in v17.0
+    "pyarrow>=17.0.0",
     "dp-accounting>=0.4.3,<0.5.0",
     "torchmetrics>=1.3.0,<2.0.0",
     "aiohttp>=3.13.3,<4.0.0",
@@ -34,7 +34,7 @@ dependencies = [
     "acvl_utils==0.2",  # Pin as it was causing an issue with nnunet (ModuleNotFoundError: No module named 'blosc2')
     "scikit-learn==1.5.0",  # Pin as it was causing issues with nnunet
     "peft>=0.14.0,<1.0.0",
-    "starlette>=0.49.1,<1.0.0",
+    "starlette>=1.0.1",
     "jupyter-core>=5.8.1,<6.0.0",
     "fastapi>=0.121.0,<1.0.0",
     "tornado>=6.5,<7.0",