Update pipaudit

[ckunki]

Currently, pipaudit in file pyproject.toml is limited to version < 2.10.

Updating pipautdit to version 2.10, seems to break integration test TestAuditPoetryFiles::test_works_as_expected.

See log:

Differing items:
   {'vulns': [{'aliases': ['GHSA-cpwx-vrp4-4pq7'], 'fix_versions': ['3.1.6'], 'id': 'CVE-2025-27516'}]}
!= {'vulns': [{'aliases': ['CVE-2025-27516'], 'fix_versions': ['3.1.6'], 'id': 'GHSA-cpwx-vrp4-4pq7'}]}

interestingly the test seems to succeed for Python <= 3.11, but to fail for Python >= 3.12.

The current ticket therefore requests,

• Analyze the root cause
• Update pipaudit to version >= 2.10
• Fix the integration tests

[ckunki]

Observations

• The tests create a sample poetry project P
• installs a package, having a known vulnerability
• runs pip-audit (from the PTB)
• compares the actual output with the expected

Problems:

• On my machine P's file pyproject.toml contains requires-python = ">=3.14"
• As P does not define an upper bound for the python version, for example pip-audit cannot be added to P
• Depending on the python version used in P pip-audit does not report any vulnerabilities
• If the actual output is empty the test remains green

Questions:

• How does P's python version relate to the CI test matrix, intending to test multiple python versions?
• Should P define an upper bound for the python version?
• Shouldn't the test fail in case there are no vulnerabilities, but some are expected, though?

I have the impression that P's python version (range) should be in sync with the one currently used by PTB (in its test session)