fix: pin chardet<6 to suppress RequestsDependencyWarning

[andreatgretel]

Summary

• Pin chardet>=3.0.2,<6 as a workspace constraint in [tool.uv] to prevent RequestsDependencyWarning on fresh installs
• requests 2.32.5 asserts chardet<6 at import time, but sqlfluff and diff_cover pull in chardet without an upper bound, resolving to 7.1.0
• The constraint can be removed once a new requests release ships the fix from psf/requests#7220

Closes #404

Test plan

• Fresh install without uv.lock resolves chardet==5.2.0 (was 7.1.0)
• python -W all -c "import requests" produces no warnings
• All 2,434 tests pass across all three packages

[greptile-apps]

Greptile Summary

This PR pins chardet to >=3.0.2,<6 as a workspace-level constraint-dependencies entry in [tool.uv] of the root pyproject.toml, preventing sqlfluff and its transitive dependency diff-cover from resolving chardet 7.x, which would trigger a RequestsDependencyWarning from requests 2.32.5 at import time.

Key changes:

• pyproject.toml: Adds constraint-dependencies = ["chardet>=3.0.2,<6"] to the [tool.uv] section with a clear comment referencing upstream issue psf/requests#7219
• uv.lock: Regenerated to reflect the constraint; chardet is now locked at 5.2.0 (previously 7.1.0); a new transitive dependency annotated-doc==0.0.4 also appears, presumably pulled in by another updated package during lock regeneration

The fix correctly uses constraint-dependencies (not a direct dependencies entry), which limits the resolved version without adding chardet as a direct dependency of any workspace member. The PR description appropriately calls out that this constraint can be removed once psf/requests#7220 ships in a new release.

Confidence Score: 5/5

• This PR is safe to merge — it's a minimal, well-scoped dependency constraint fix with no logic changes and a full test suite pass.
• The change is isolated to workspace-level dependency configuration, uses the correct uv mechanism (constraint-dependencies), has a clear upstream reference and documented removal path, and the author confirmed all 2,434 tests pass with the new resolution.
• No files require special attention.

Important Files Changed

Filename	Overview
pyproject.toml	Adds constraint-dependencies = ["chardet>=3.0.2,<6"] to [tool.uv] — a minimal, targeted workspace-level constraint that prevents chardet 7.x from being resolved and triggering RequestsDependencyWarning from requests 2.32.5.
uv.lock	Lock file regenerated to reflect the new chardet constraint; chardet is now pinned at 5.2.0 (down from 7.1.0). Also introduces annotated-doc==0.0.4 as a new transitive dependency pulled in during lock regeneration.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A["data-designer-engine\n(sqlfluff>=3.2.0,<4)"] --> B["sqlfluff 3.5.0"]
    B --> C["chardet (no upper bound)"]
    B --> D["diff-cover 10.2.0"]
    D --> C
    E["data-designer-config\n(requests>=2.32,<3)"] --> F["requests 2.32.5"]
    F -->|"import-time check:\nchardet < 6 required"| G{{"chardet version?"}}
    C -->|"Before fix:\nresolves to 7.1.0"| G
    G -->|">= 6"| H["⚠️ RequestsDependencyWarning"]
    G -->|"< 6"| I["✅ No warning"]
    J["[tool.uv]\nconstraint-dependencies\nchardet>=3.0.2,<6"] -->|"constrains resolution"| C
    C -->|"After fix:\nresolves to 5.2.0"| G

Loading

_{Last reviewed commit: bd5383e}