Update jupyterlab to address a CVE

[dixonjoel]

What does this Pull Request accomplish?

Addresses https://github.com/ni/datastore-python/security/dependabot/49

Why should this Pull Request be merged?

Avoid this Moderate severity CVE

What testing has been done?

PR

[Copilot]

Pull request overview

This pull request updates the dev-time JupyterLab dependency set to remediate the high-severity Dependabot security alert linked in the PR description, and adjusts Poetry’s solver configuration to allow faster uptake of JupyterLab releases.

Changes:

• Bumped jupyterlab in poetry.lock from 4.5.8 to 4.5.9 (security fix release for the referenced advisory).
• Bumped jupyter-client in poetry.lock from 8.9.0 to 8.9.1 as part of dependency resolution.
• Added jupyterlab to Poetry solver min-release-age-exclude to avoid the 14-day minimum release age delay for this package.

Reviewed changes

Copilot reviewed 1 out of 2 changed files in this pull request and generated no comments.

File	Description
poetry.toml	Excludes jupyterlab from the solver’s min-release-age gate so security releases can be adopted without delay.
poetry.lock	Updates locked versions/hashes for jupyterlab (and jupyter-client) to pick up patched releases.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.