chore(deps): bump 8 main app dependencies to dependabot-validated versions

Bundles the following Dependabot PRs into uv.lock (regenerated):
- urllib3       2.6.3   -> 2.7.0     (closes #200)
- gitpython     3.1.46  -> 3.1.50    (closes #198)
- python-dotenv 1.2.1   -> 1.2.2     (closes #190)
- pytest        9.0.2   -> 9.0.3     (closes #188)
- uv            0.9.21  -> 0.11.6    (closes #184)
- cryptography  46.0.5  -> 46.0.7    (closes #181)
- pygments      2.19.2  -> 2.20.0    (closes #177)
- requests      2.32.5  -> 2.33.0    (closes #175)

All eight target versions were verified through Socket Firewall (sfw) on the
full transitive dependency tree (15 packages including transitive deps fetched
clean; no malware/typosquat/supply-chain alerts).

Signed-off-by: lelia <2418071+lelia@users.noreply.github.com>

Author: lelia