SG-42304 Add Python 3.13 support

[julien-lang]

Summary

Adds Python 3.13 support to tk-framework-desktopserver, aligned with VFX
Reference Platform CY2026.

Changes

• Added Python 3.13 requirements.txt seed file used to drive dependency
  resolution
• Extended the automated pipeline (pipelines.yml) with new jobs for
  source and binary dependency resolution across macOS, Linux and Windows
  for Python 3.13
• Updated update_requirements.py to handle Python 3.13
• Excluded resources/python/src/3.13/explicit_requirements.txt from Snyk
  scans (consistent with other Python versions)
• Updated README badges to include Python 3.13 and VFX Reference Platform
  CY2026

Notes

The actual resolved dependency lock files (explicit_requirements) are
generated automatically by the CI pipeline and land via PR #317, which
must be merged into this branch before this PR can be merged into master.

Do not mind the 3.13 CI failures. This is a chicken and egg problem and is resolved by #317.

Related

• Automated dependency resolution PR: SG-42304 Python 3.13 - Automated dependency resolution (source + binary) #317

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 65.82%. Comparing base (89853b3) to head (3fa4131).
⚠️ Report is 2 commits behind head on master.

Additional details and impacted files

@@           Coverage Diff           @@
##           master     #315   +/-   ##
=======================================
  Coverage   65.82%   65.82%           
=======================================
  Files          24       24           
  Lines        1870     1870           
=======================================
  Hits         1231     1231           
  Misses        639      639           

Flag	Coverage Δ
Linux	47.54% <ø> (ø)
Python-3.10	65.82% <ø> (ø)
Python-3.11	65.82% <ø> (ø)
Python-3.9	65.79% <ø> (ø)
Windows	63.80% <ø> (ø)
macOS	64.34% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[Copilot]

Pull request overview

Adds Python 3.13 support to the bundled-dependency update workflow by introducing a 3.13 requirements set and extending the Azure pipeline to generate/install source and binary dependencies for 3.13.

Changes:

• Add git add of newly generated explicit_requirements.txt files during requirements generation.
• Introduce resources/python/requirements/3.13/requirements.txt and extend CI pipeline jobs to run 3.13 source/binary dependency updates.
• Update documentation and Snyk policy to reflect Python 3.13 support.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 6 comments.

Show a summary per file

File	Description
resources/python/update_requirements.py	Stages newly generated explicit requirements files so they can be committed by CI.
resources/python/requirements/3.13/requirements.txt	Adds initial dependency set for Python 3.13.
resources/python/pipelines/pipelines.yml	Adds/threads Python 3.13 through source + binary dependency jobs across OSes.
resources/python/README.md	Updates documented supported Python versions to include 3.13.
README.md	Updates badges for supported VFX platform years and Python versions.
.snyk	Adds Python 3.13 explicit requirements path to an ignore rule.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

These dependencies are specified with ~= here, whereas other Python version requirement files in this repo use exact == pins for reproducibility. Consider pinning these to exact versions as well to avoid unexpected updates during installs/builds.

[Copilot]

The comment says "All other Python versions (3.9, 3.10, 3.11) already bundle 22.2.0", but Python 3.7 also bundles attrs==22.2.0 in this repo. Please update the comment to include 3.7 (or explain why it’s excluded) to keep the documentation accurate.

Suggested change

	# All other Python versions (3.9, 3.10, 3.11) already bundle 22.2.0.
	# All other supported Python versions (3.7, 3.9, 3.10, 3.11) already bundle 22.2.0.

[Copilot]

This list uses full patch versions for other entries (e.g. 3.11.9), but this new entry is just "3.13". Please align the format (either specify the exact patch version for 3.13, or use a consistent “3.13.x” style for all).

[Copilot]

This list uses full patch versions for other entries (e.g. 3.11.9), but this new entry is just "3.13". Please align the format (either specify the exact patch version for 3.13, or use a consistent “3.13.x” style for all).

Suggested change

	- 3.13
	- Windows
	- 3.7.9
	- 3.9.13
	- 3.10.11
	- 3.11.9
	- 3.13
	- Linux:
	- 3.7.16
	- 3.9.16
	- 3.10.13
	- 3.11.9
	- 3.13
	- 3.13.x
	- Windows
	- 3.7.9
	- 3.9.13
	- 3.10.11
	- 3.11.9
	- 3.13.x
	- Linux:
	- 3.7.16
	- 3.9.16
	- 3.10.13
	- 3.11.9
	- 3.13.x

[Copilot]

This list uses full patch versions for other entries (e.g. 3.11.9), but this new entry is just "3.13". Please align the format (either specify the exact patch version for 3.13, or use a consistent “3.13.x” style for all).

Suggested change

	- 3.13
	- Windows
	- 3.7.9
	- 3.9.13
	- 3.10.11
	- 3.11.9
	- 3.13
	- Linux:
	- 3.7.16
	- 3.9.16
	- 3.10.13
	- 3.11.9
	- 3.13
	- 3.13.x
	- Windows
	- 3.7.9
	- 3.9.13
	- 3.10.11
	- 3.11.9
	- 3.13.x
	- Linux:
	- 3.7.16
	- 3.9.16
	- 3.10.13
	- 3.11.9
	- 3.13.x

[Copilot]

This requirements file uses compatible-release specifiers (~=) for several packages, but the other pinned requirement sets (e.g. 3.9/3.10/3.11) use exact == pins. Using ~= can introduce dependency drift and make the generated explicit_requirements.txt / bundled binaries non-reproducible; consider switching these entries to exact pins to match the established pattern.