estuary-cdk: make airbyte-cdk optional to unblock nltk security update

Recent versions of `airbyte-cdk` pin `nltk` to 3.9.1, which
blocks the update to 3.9.3 needed for CVE-2025-14009. `estuary-cdk`
doesn't use `nltk` directly; it was only pulled in transitively.

This commit addresses this by:
- Making `airbyte-cdk` an optional dependency via "airbyte-shim" extras.
- Adding extras = ["requests"] to `google-auth` (it previously was pulled in via airbyte-cdk)
- Removing unused `nltk` from `estuary-cdk`'s direct dependencies.
- Updating imported connectors using the airbyte shim to specify extras = ["airbyte-shim"]
- Regenerating `poetry.lock` for all affected connectors.

This removes the `nltk` dependency for all native and imported connectors
except `source-brevo`.

source-brevo remains blocked because airbyte-cdk ^6 pins `nltk` to 3.9.1.
It will need a native rewrite or an upstream airbyte-cdk fix to remove or
update the `nltk` dependency.

Author: Alex-Bair

estuary-cdk/poetry.lock

@@ -18,17 +18,21 @@ ijson = "^3.3.0"
 pycron = "^3.1.2"
 stream-unzip = "0.0.99"
 
-airbyte-cdk = "<=6.56.0"
-google-auth = ">=2.40.3"
+google-auth = {version = ">=2.40.3", extras = ["requests"]}
 pendulum = "<=2.0.0 | >=3.0.0"
-nltk = "^3.9.1"
+
+airbyte-cdk = {version = "<=6.56.0", optional = true}
+
+[tool.poetry.extras]
+airbyte-shim = ["airbyte-cdk"]
 
 [tool.poetry.group.dev.dependencies]
 debugpy = "^1.8.0"
 mypy = "^1.8.0"
 pytest = "^7.4.3"
 pytest-insta = "^0.3.0"
 pytest-asyncio = "0.23.8"
+airbyte-cdk = "<=6.56.0"
 
 [build-system]
 requires = ["poetry-core"]

estuary-cdk/pyproject.toml

@@ -6,7 +6,7 @@ authors = ["Joseph Shearer <joseph@estuary.dev>"]
 
 [tool.poetry.dependencies]
 airbyte-cdk = "^0.52"
-estuary-cdk = {path="../estuary-cdk", develop = true}
+estuary-cdk = {path="../estuary-cdk", develop = true, extras = ["airbyte-shim"]}
 python = "^3.11"
 types-requests = "^2.31"
 

source-ada/poetry.lock

@@ -10,6 +10,7 @@ authors = [
 estuary-cdk = { path = "../estuary-cdk", develop = true }
 python = "^3.11"
 pydantic = "^2"
+pyjwt = "^2"
 
 [tool.poetry.group.dev.dependencies]
 debugpy = "^1.8.0"

source-airtable-native/poetry.lock

@@ -6,7 +6,7 @@ authors = ["Jonathan Wihl <jonathan@estuary.dev>", "Johnny Graettinger <johnny@e
 
 [tool.poetry.dependencies]
 airbyte-cdk = "^0.52"
-estuary-cdk = {path="../estuary-cdk", develop = true}
+estuary-cdk = {path="../estuary-cdk", develop = true, extras = ["airbyte-shim"]}
 python = "^3.11"
 types-requests = "^2.31"