build(deps-dev): update esbonio requirement from >=0.16.4 to >=2.0.0 in /python

[dependabot]

Updates the requirements on esbonio to permit the latest version.

Release notes

Sourced from esbonio's releases.

Esbonio Language Server v2.0.0 - 2026-04-11

v2.0.0 - 2026-04-11

Breaking Changes

• Drop support for Sphinx v6. (#1086)

• The default values for the following configuration options have been changed.

  • esbonio.logging.level now defaults to info
  • esbonio.server.completion.preferredInsertBehavior now defaults to insert

  (#1094)

• The default values for the following configuration options have been changed.

  • esbonio.logging.format now defaults to [%(method)s(%(msgid)s)][%(name)s] %(message)s

  Only log messages associated with the LSP methods initialize, initialized, textDocument/didOpen and workspace/didChangeConfiguration are shown by default, regardless of logging level.

  (#1095)

• The esbonio command no longer starts the server, instead the server is launched by running esbonio server, or by invoking the python -m esbonio.server (#1098)

Features

• Add support for Sphinx v9 by @​gastmaier (#1085)
• Introduce the esbonio.logging.enabledMethods option which can be used to override the list of LSP methods for which log messages are shown. (#1095)

Enhancements

• The esbonio.sphinx.pythonCommand can now be set to a single string, useful when working with virtual environments by @​gastmaier (#1085)

Commits

• 0832ee4 Esbonio Language Server Release v2.0.0
• bcb7488 Merge pull request #1102 from swyddfa/develop
• 6394447 code: Update changelog
• b1c4bcd workflow: Be specific about bundled esbonio version
• 509420c code: bump python dependencies
• 713877c code: bump node dependencies
• 8bbe9e5 docs: update migration guide
• 4351749 lsp: Introduce cli subcommands
• fa30e22 [pre-commit.ci] auto fixes from pre-commit.com hooks
• 5ad29e2 [pre-commit.ci] pre-commit autoupdate
• Additional commits viewable in compare view

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: 784fc5cb-ab57-4107-b092-ae64ed7e7156

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

Use the checkbox below for a quick retry:

• 🔍 Trigger review

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/pip/python/esbonio-gte-2.0.0

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[raballew]

Dependabot Review

Recommendation: NEEDS FIX before merge

This bumps esbonio from >=0.16.4 to >=2.0.0 in python/pyproject.toml. CI shows type-check-python and pytest failures.

Root cause: esbonio 2.0.0 removed certifi as a transitive dependency. The code in jumpstarter_cli_common/oidc.py imports certifi directly (line 10), but certifi is not listed as an explicit dependency in python/packages/jumpstarter-cli-common/pyproject.toml. Previously, esbonio pulled it in transitively.

Fix needed: Add certifi as an explicit dependency in python/packages/jumpstarter-cli-common/pyproject.toml since the code imports it directly. This is a missing dependency that was masked by the transitive chain.

The pytest-matrix failures appear to be CI infrastructure timeouts (cancelled during apt package installation), not related to the esbonio upgrade.

[raballew]

Action needed: Add certifi as an explicit dependency in python/packages/jumpstarter-cli-common/pyproject.toml -- it is imported directly in oidc.py but was only available transitively through esbonio <2.0. Once that is fixed, this should be safe to merge.

[ambient-code]

Dependabot PR Review Summary

Changes reviewed: Updates esbonio requirement from >=0.16.4 to >=2.0.0 in python/pyproject.toml.

Checklist

• go.mod impact: No go.mod changes — no cross-project go.mod updates needed.
• k8s version update: Not applicable.
• CI status: ❌ FAILING — type-check-python, pytest-matrix (macos-15, 3.11), and pytest summary all failed.

Analysis

This is a major version bump (0.16.x → 2.0.0) with significant breaking changes:

• Dropped Sphinx v6 support
• esbonio CLI command no longer starts the server (now esbonio server)
• Default config value changes

Root cause of CI failures: The esbonio update changed dependency resolution, exposing a latent bug — certifi is imported by jumpstarter-cli-common/jumpstarter_cli_common/oidc.py but not declared as a dependency in jumpstarter-cli-common/pyproject.toml. Previously certifi was pulled in transitively; the updated dependency tree no longer includes it.

To fix, this PR would need:

1. Regenerate uv.lock with uv lock for the new dependency tree
2. Potentially add certifi as an explicit dependency in jumpstarter-cli-common/pyproject.toml

⚠️ Not safe to merge as-is. Needs dependency resolution fixes.

🤖 Automated review by Ambient

[dependabot]

Superseded by #612.