build(deps): bump werkzeug from 3.1.3 to 3.1.6 in /scripts/test-lambda-locally

[dependabot]

Bumps werkzeug from 3.1.3 to 3.1.6.

Release notes

Sourced from werkzeug's releases.

3.1.6

This is the Werkzeug 3.1.6 security fix release, which fixes a security issue but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Werkzeug/3.1.6/ Changes: https://werkzeug.palletsprojects.com/page/changes/#version-3-1-6

• safe_join on Windows does not allow special devices names in multi-segment paths. GHSA-29vq-49wr-vm6x

3.1.5

This is the Werkzeug 3.1.5 security fix release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Werkzeug/3.1.5/ Changes: https://werkzeug.palletsprojects.com/page/changes/#version-3-1-5 Milestone: https://github.com/pallets/werkzeug/milestone/43?closed=1

• safe_join on Windows does not allow more special device names, regardless of extension or surrounding spaces. GHSA-87hc-h4r5-73f7
• The multipart form parser handles a \r\n sequence at a chunk boundary. This fixes the previous attempt, which caused incorrect content lengths. #3065 #3077
• Fix AttributeError when initializing DebuggedApplication with pin_security=False. #3075

3.1.4

This is the Werkzeug 3.1.4 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes compared to the latest feature release.

PyPI: https://pypi.org/project/Werkzeug/3.1.4/ Changes: https://werkzeug.palletsprojects.com/page/changes/#version-3-1-4 Milestone: https://github.com/pallets/werkzeug/milestone/42?closed=1

• safe_join on Windows does not allow special device names. This prevents reading from these when using send_from_directory. secure_filename already prevented writing to these. ghsa-hgf8-39gv-g3f2
• The debugger pin fails after 10 attempts instead of 11. #3020
• The multipart form parser handles a \r\n sequence at a chunk boundary. #3065
• Improve CPU usage during Watchdog reloader. #3054
• Request.json annotation is more accurate. #3067
• Traceback rendering handles when the line number is beyond the available source lines. #3044
• HTTPException.get_response annotation and doc better conveys the distinction between WSGI and sans-IO responses. #3056

Changelog

Sourced from werkzeug's changelog.

Version 3.1.6

Released 2026-02-19

• safe_join on Windows does not allow special devices names in multi-segment paths. :ghsa:29vq-49wr-vm6x

Version 3.1.5

Released 2026-01-08

• safe_join on Windows does not allow more special device names, regardless of extension or surrounding spaces. :ghsa:87hc-h4r5-73f7
• The multipart form parser handles a \r\n sequence at a chunk boundary. This fixes the previous attempt, which caused incorrect content lengths. :issue:3065 :issue:3077
• Fix AttributeError when initializing DebuggedApplication with pin_security=False. :issue:3075

Version 3.1.4

Released 2025-11-28

• safe_join on Windows does not allow special device names. This prevents reading from these when using send_from_directory. secure_filename already prevented writing to these. :ghsa:hgf8-39gv-g3f2
• The debugger pin fails after 10 attempts instead of 11. :pr:3020
• The multipart form parser handles a \r\n sequence at a chunk boundary. :issue:3065
• Improve CPU usage during Watchdog reloader. :issue:3054
• Request.json annotation is more accurate. :issue:3067
• Traceback rendering handles when the line number is beyond the available source lines. :issue:3044
• HTTPException.get_response annotation and doc better conveys the distinction between WSGI and sans-IO responses. :issue:3056

Commits

• 04da1b5 release version 3.1.6
• f407712 Merge commit from fork
• f54fe98 safe_join prevents Windows special device names in multi-segment paths
• d005985 start version 3.1.6
• 8565c2c document rule priority (#3102)
• 3febc7e document rule priority
• 2525b82 remove state machine docs
• 4abfbd5 rewrite build docstring (#3097)
• 161c18b rewrite build docstring
• 86e11c2 release version 3.1.5 (#3085)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.

[github-actions]

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

---

Internal Changes 🔧

• (agents) Add sentry skills to be used by warden in CI reviews by ericapisani in #5485
• (ai) Add configuration for dotagents by ericapisani in #5480

• (deps) Bump werkzeug from 3.1.3 to 3.1.6 in /scripts/test-lambda-locally by dependabot[bot] in #5492

• (openai-agents) Expect new tool fields by alexander-alderman-webb in #5471
• (repo) Add .serena to .gitignore by ericapisani in #5464
• 🤖 Update test matrix with new releases (02/19) by github-actions in #5483
• 🤖 Update test matrix with new releases (02/18) by github-actions in #5475

---

_{🤖 This preview updates automatically when you update the PR.}

[github-actions]

Codecov Results 📊

✅ 87 passed | ⏭️ 1 skipped | Total: 88 | Pass Rate: 98.86% | Execution Time: 37.63s

📊 Comparison with Base Branch

Metric	Change
Total Tests	📈 +35
Passed Tests	📈 +37
Failed Tests	—
Skipped Tests	📉 -2

All tests are passing successfully.

✅ Patch coverage is 100.00%. Project has 13489 uncovered lines.
✅ Project coverage is 31.86%. Comparing base (base) to head (head).

Files with missing lines (172)

File	Patch %	Lines
langchain.py	3.28%	⚠️ 590 Missing
utils.py	51.43%	⚠️ 443 Missing and 73 partials
openai.py	10.94%	⚠️ 464 Missing and 1 partials
tracing_utils.py	29.39%	⚠️ 418 Missing and 19 partials
utils.py	9.19%	⚠️ 435 Missing
__init__.py	5.08%	⚠️ 374 Missing
scope.py	64.92%	⚠️ 288 Missing and 69 partials
transport.py	23.29%	⚠️ 303 Missing and 2 partials
client.py	54.98%	⚠️ 226 Missing and 62 partials
starlette.py	26.97%	⚠️ 260 Missing and 6 partials
transaction_profiler.py	35.52%	⚠️ 216 Missing and 10 partials
anthropic.py	17.58%	⚠️ 225 Missing
__init__.py	3.91%	⚠️ 221 Missing
langgraph.py	5.29%	⚠️ 215 Missing
mcp.py	23.97%	⚠️ 203 Missing and 2 partials
span_processor.py	0.00%	⚠️ 205 Missing
tracing.py	67.37%	⚠️ 155 Missing and 45 partials
continuous_profiler.py	43.45%	⚠️ 177 Missing and 17 partials
strawberry.py	8.54%	⚠️ 182 Missing
aws_lambda.py	16.50%	⚠️ 167 Missing
spark_driver.py	0.00%	⚠️ 166 Missing
utils.py	39.61%	⚠️ 154 Missing and 11 partials
__init__.py	23.83%	⚠️ 163 Missing
sanic.py	9.60%	⚠️ 160 Missing
huggingface_hub.py	16.67%	⚠️ 150 Missing
cloud_resource_context.py	0.00%	⚠️ 145 Missing
rust_tracing.py	0.00%	⚠️ 143 Missing
litellm.py	0.00%	⚠️ 138 Missing
litestar.py	9.59%	⚠️ 132 Missing
starlite.py	8.33%	⚠️ 132 Missing
envelope.py	40.82%	⚠️ 116 Missing and 11 partials
aiohttp.py	30.72%	⚠️ 115 Missing and 2 partials
falcon.py	8.94%	⚠️ 112 Missing
flask.py	12.50%	⚠️ 112 Missing
spotlight.py	28.47%	⚠️ 103 Missing and 8 partials
asgi.py	20.71%	⚠️ 111 Missing
dramatiq.py	0.00%	⚠️ 110 Missing
arq.py	9.92%	⚠️ 109 Missing
asgi.py	0.00%	⚠️ 109 Missing
hub.py	45.60%	⚠️ 105 Missing and 3 partials
pymongo.py	10.17%	⚠️ 106 Missing
beat.py	8.62%	⚠️ 106 Missing
caching.py	0.00%	⚠️ 106 Missing
templates.py	0.00%	⚠️ 100 Missing
asyncpg.py	11.61%	⚠️ 99 Missing
quart.py	16.10%	⚠️ 99 Missing
wsgi.py	22.66%	⚠️ 99 Missing
gcp.py	0.00%	⚠️ 98 Missing
otlp.py	0.00%	⚠️ 97 Missing
sessions.py	27.82%	⚠️ 96 Missing
pyramid.py	13.76%	⚠️ 94 Missing
tornado.py	14.55%	⚠️ 94 Missing
__init__.py	0.00%	⚠️ 93 Missing
_wsgi_common.py	28.35%	⚠️ 91 Missing
bottle.py	11.65%	⚠️ 91 Missing
middleware.py	0.00%	⚠️ 90 Missing
beam.py	0.00%	⚠️ 84 Missing
loguru.py	11.58%	⚠️ 84 Missing
ray.py	0.00%	⚠️ 84 Missing
logging.py	52.94%	⚠️ 72 Missing and 11 partials
cohere.py	34.92%	⚠️ 82 Missing
asyncio.py	0.00%	⚠️ 80 Missing
session.py	15.56%	⚠️ 76 Missing
clickhouse_driver.py	17.58%	⚠️ 75 Missing
pure_eval.py	0.00%	⚠️ 73 Missing
worker.py	22.58%	⚠️ 72 Missing
ariadne.py	14.46%	⚠️ 71 Missing
gql.py	10.13%	⚠️ 71 Missing
sqlalchemy.py	10.26%	⚠️ 70 Missing
monitoring.py	17.07%	⚠️ 68 Missing
graphene.py	12.82%	⚠️ 68 Missing
fastapi.py	18.29%	⚠️ 67 Missing
transactions.py	0.00%	⚠️ 67 Missing
_queue.py	26.67%	⚠️ 66 Missing
rq.py	15.38%	⚠️ 66 Missing
huey.py	17.72%	⚠️ 65 Missing
stdlib.py	58.21%	⚠️ 56 Missing and 8 partials
utils.py	16.00%	⚠️ 63 Missing
api.py	59.73%	⚠️ 60 Missing
chalice.py	16.18%	⚠️ 57 Missing
propagator.py	0.00%	⚠️ 57 Missing
server.py	0.00%	⚠️ 56 Missing
spark_worker.py	0.00%	⚠️ 56 Missing
gnu_backtrace.py	0.00%	⚠️ 51 Missing
_async_common.py	0.00%	⚠️ 51 Missing
socket.py	0.00%	⚠️ 50 Missing
views.py	0.00%	⚠️ 50 Missing
caches.py	16.95%	⚠️ 49 Missing
_batcher.py	41.25%	⚠️ 47 Missing
boto3.py	37.84%	⚠️ 46 Missing
httpx.py	36.99%	⚠️ 46 Missing
streaming.py	25.81%	⚠️ 46 Missing
traces.py	47.06%	⚠️ 45 Missing
_asgi_common.py	16.67%	⚠️ 45 Missing
signals_handlers.py	0.00%	⚠️ 44 Missing
utils.py	22.22%	⚠️ 42 Missing and 1 partials
client.py	0.00%	⚠️ 40 Missing
_sync_common.py	22.00%	⚠️ 39 Missing
executing.py	0.00%	⚠️ 38 Missing
client.py	0.00%	⚠️ 38 Missing
_span_batcher.py	35.71%	⚠️ 36 Missing
serverless.py	0.00%	⚠️ 36 Missing
serializer.py	86.56%	⚠️ 25 Missing and 10 partials
server.py	0.00%	⚠️ 35 Missing
threading.py	74.74%	⚠️ 24 Missing and 10 partials
sys_exit.py	0.00%	⚠️ 32 Missing
launchdarkly.py	0.00%	⚠️ 31 Missing
ai_client.py	88.28%	⚠️ 17 Missing and 14 partials
trytond.py	0.00%	⚠️ 30 Missing
integration.py	0.00%	⚠️ 30 Missing
scrubber.py	76.81%	⚠️ 16 Missing and 10 partials
redis_cluster.py	26.47%	⚠️ 25 Missing
_werkzeug.py	11.11%	⚠️ 24 Missing
typer.py	0.00%	⚠️ 24 Missing
tasks.py	0.00%	⚠️ 24 Missing
agent_run.py	80.41%	⚠️ 19 Missing and 5 partials
_compat.py	41.03%	⚠️ 23 Missing
statsig.py	0.00%	⚠️ 23 Missing
queries.py	25.81%	⚠️ 23 Missing
logger.py	43.59%	⚠️ 22 Missing
decorator.py	37.14%	⚠️ 22 Missing
runner.py	82.76%	⚠️ 15 Missing and 7 partials
_log_batcher.py	0.00%	⚠️ 21 Missing
attachments.py	27.59%	⚠️ 21 Missing
unraisablehook.py	0.00%	⚠️ 21 Missing
openfeature.py	0.00%	⚠️ 20 Missing
unleash.py	0.00%	⚠️ 19 Missing
invoke_agent.py	92.41%	⚠️ 6 Missing and 13 partials
_lru_cache.py	43.33%	⚠️ 17 Missing and 1 partials
monitor.py	81.97%	⚠️ 11 Missing and 5 partials
models.py	95.05%	⚠️ 5 Missing and 11 partials
__init__.py	93.48%	⚠️ 6 Missing and 9 partials
atexit.py	56.25%	⚠️ 14 Missing and 1 partials
excepthook.py	56.25%	⚠️ 14 Missing and 1 partials
redis.py	25.00%	⚠️ 15 Missing
feature_flags.py	56.25%	⚠️ 14 Missing
utils.py	94.64%	⚠️ 6 Missing and 8 partials
utils.py	96.12%	⚠️ 4 Missing and 10 partials
_init_implementation.py	45.83%	⚠️ 13 Missing
dedupe.py	77.50%	⚠️ 9 Missing and 4 partials
types.py	0.00%	⚠️ 12 Missing
_openai_completions_api.py	77.42%	⚠️ 7 Missing and 5 partials
error_tracing.py	72.41%	⚠️ 8 Missing and 3 partials
redis_py_cluster_legacy.py	26.67%	⚠️ 11 Missing
_types.py	66.67%	⚠️ 10 Missing
api.py	37.50%	⚠️ 10 Missing
utils.py	41.18%	⚠️ 10 Missing
agent_run.py	92.22%	⚠️ 7 Missing and 3 partials
tools.py	83.67%	⚠️ 8 Missing and 2 partials
metrics.py	47.06%	⚠️ 9 Missing
__init__.py	72.41%	⚠️ 8 Missing and 1 partials
graph_nodes.py	96.15%	⚠️ 2 Missing and 6 partials
_metrics_batcher.py	65.00%	⚠️ 7 Missing
consts.py	0.00%	⚠️ 7 Missing
model_request.py	66.67%	⚠️ 6 Missing and 1 partials
rb.py	30.00%	⚠️ 7 Missing
ai_client.py	93.33%	⚠️ 2 Missing and 3 partials
debug.py	91.30%	⚠️ 2 Missing and 2 partials
invoke_agent.py	100.00%	⚠️ 4 partials
utils.py	100.00%	⚠️ 4 partials
__init__.py	0.00%	⚠️ 3 Missing
__init__.py	96.51%	⚠️ 3 Missing
__init__.py	0.00%	⚠️ 3 Missing
__init__.py	0.00%	⚠️ 3 Missing
consts.py	99.43%	⚠️ 2 Missing
_openai_responses_api.py	88.89%	⚠️ 1 Missing and 1 partials
argv.py	100.00%	⚠️ 2 partials
modules.py	94.12%	⚠️ 1 Missing and 1 partials
tools.py	92.59%	⚠️ 2 Missing
handoff.py	90.00%	⚠️ 1 Missing and 1 partials
consts.py	0.00%	⚠️ 1 Missing
execute_tool.py	100.00%	⚠️ 1 partials

Coverage diff

@@            Coverage Diff             @@
##          main       #PR       +/-##
==========================================
+ Coverage    27.03%    31.86%    +4.83%
==========================================
  Files          189       189         —
  Lines        19795     19795         —
  Branches      6408      6408         —
==========================================
+ Hits          5351      6306      +955
- Misses       14444     13489      -955
- Partials       457       520       +63

---

Generated by Codecov Action

[dependabot]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.