
[Aikido] Fix 6 security issues in jinja2, orjson, idna #4

Open

aikido-autofix[bot] wants to merge 1 commit into main from fix/aikido-security-update-packages-45420876-2vhm

Conversation

aikido-autofix (bot) commented Jun 6, 2026

Upgrade Jinja2, orjson, and idna to fix multiple RCE vulnerabilities in template sandbox escapes and DoS via unbounded recursion.

⚠️ Incomplete breaking changes analysis (2/3 analyzed)

⚠️ Breaking changes analysis not available for: idna

✅ No breaking changes from either package upgrade affect this codebase.

The jinja2 upgrade's breaking changes only apply to sandboxed environments, but this codebase uses the standard Environment class. The templates don't use the |attr filter or call clear()/pop() methods on sequences.

The idna package is a transitive dependency with no direct usage in the codebase, so changes to transitional processing and input size validation have no impact.

All breaking changes by upgrading jinja2 from version 3.1.4 to 3.1.6 (CHANGELOG)

Version 3.1.5: Sandbox does not allow clear and pop on known mutable sequence types.

Version 3.1.6: The ``
✅ 6 CVEs resolved by this upgrade

This PR will resolve the following CVEs:

CVE-2024-56201 (HIGH): [jinja2] A compiler bug allows attackers who control both template content and filename to execute arbitrary Python code, bypassing Jinja's sandbox protections. This impacts applications that process untrusted templates where the attacker can specify the template filename.

CVE-2025-27516 (HIGH): [jinja2] Sandbox bypass in the

CVE-2024-56326 (HIGH): [jinja2] Sandbox bypass in template processing allows arbitrary Python code execution through indirect calls to str.format via custom filters when an attacker controls template content.

AIKIDO-2024-10560 (MEDIUM): [jinja2] A sandbox bypass vulnerability allows attackers to execute arbitrary code by storing a reference to the str.format method and invoking it indirectly through a filter, circumventing Jinja's sandbox restrictions. This enables remote code execution through malicious template manipulation.

CVE-2025-67221 (HIGH): [orjson] The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for deeply nested JSON documents.

CVE-2026-45409 (LOW): [idna] A denial-of-service vulnerability exists where specially crafted inputs with repeated Unicode characters cause excessive processing time in domain name validation. Enforcing a 253-character length limit before processing mitigates the issue.
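The two denial-of-service entries above (orjson's unbounded recursion and idna's missing length bound) both come down to input that is never bounded before a library touches it. The guards below are an added illustration, not code from this PR or from either project: they apply a 253-character hostname limit and a nesting-depth limit before serialisation. The depth limit of 64 and the stdlib json.dumps stand-in for orjson.dumps are assumptions made for the example.

```python
import json
from typing import Any

# Limits chosen for this example. 253 is the hostname bound the idna advisory
# names; 64 is an arbitrary application-level JSON nesting bound (assumption).
MAX_HOSTNAME_LEN = 253
MAX_JSON_DEPTH = 64


def hostname_length_ok(name: str) -> bool:
    """Reject over-long names before any IDNA processing runs on them."""
    # Allow one trailing dot (FQDN form) so "example.com." is judged fairly.
    if name.endswith("."):
        name = name[:-1]
    return 0 < len(name) <= MAX_HOSTNAME_LEN


def json_depth(obj: Any) -> int:
    """Nesting depth of dict/list structure (scalars are depth 0).

    Computed with an explicit stack so the guard itself can never hit the
    interpreter's recursion limit on the very input it is meant to reject.
    """
    deepest = 0
    stack = [(obj, 1)]
    while stack:
        node, depth = stack.pop()
        if isinstance(node, dict):
            children = node.values()
        elif isinstance(node, (list, tuple)):
            children = node
        else:
            continue
        deepest = max(deepest, depth)
        for child in children:
            stack.append((child, depth + 1))
    return deepest


def safe_dumps(obj: Any, max_depth: int = MAX_JSON_DEPTH) -> str:
    """Serialise only after bounding nesting depth.

    json.dumps is used so the example is stdlib-only; the same pre-check
    can sit in front of orjson.dumps unchanged.
    """
    depth = json_depth(obj)
    if depth > max_depth:
        raise ValueError(f"nesting depth {depth} exceeds limit {max_depth}")
    return json.dumps(obj)


# Constructed sample input: 100 lists wrapped around an empty list (depth 101).
DEEP_SAMPLE: Any = []
for _ in range(100):
    DEEP_SAMPLE = [DEEP_SAMPLE]
```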
