build(deps): bump redis from 4.3.4 to 4.5.4

[dependabot]

Bumps redis from 4.3.4 to 4.5.4.

Release notes

Sourced from redis's releases.

4.5.4

Changes

Upgrade urgency: SECURITY, contains fixes to security issues.

• (CVE-2023-28859) - Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases.
• (CVE-2023-28858) - Cancelling an async future does not, properly trigger, leading to a potential data leak in specific cases.

🐛 Bug Fixes

• Fixing cancelled async futures (#2666)
• Fix: do not use asyncio's timeout lib before 3.11.2 (#2659)
• Fix UDS in v4.5.2: UnixDomainSocketConnection missing constructor argument (#2630)

🧰 Maintenance

• Minor fixes for #2666 and enhanced async test (#2673)
• Fix issue 2660: PytestUnraisableExceptionWarning from asycio client (#2669)
• Removing accidentally checked in files (#2642)

Contributors

We'd like to thank all the contributors who worked on this release!

@​bellini666, @​chayim, @​dvora-h, @​shacharPash and @​woutdenolf

4.5.3

Changes

Update urgency: HIGH: There is a critical bug that may affect a subset of users. Upgrade!

🐛 Bug Fixes

• CWE-404 AsyncIO Race Condition Fix (#2624, #2579)

4.5.2

Changes

🚀 New Features

• Introduce AbstractConnection so that UnixDomainSocketConnection can call super().init (#2588)
• Added queue_class to REDIS_ALLOWED_KEYS (#2577)
• Made search document subscriptable (#2615)
• Sped up the protocol parsing (#2596)

🐛 Bug Fixes

• Fix behaviour of async PythonParser to match RedisParser as for issue #2349 (#2582)
• Replace async_timeout by asyncio.timeout (#2602)
• Update json().arrindex() default values (#2611)

... (truncated)

Commits

• e1017fd Version 4.5.4 (#2674)
• ef3f086 Fix async (#2673)
• 5acbde3 Fixing cancelled async futures (#2666)
• 6d886d7 Fix issue 2660: PytestUnraisableExceptionWarning from asycio client (#2669)
• 326bb1c removing useless files (#2642)
• 4856813 UnixDomainSocketConnection missing constructor argument (#2630)
• 4802530 fix: do not use asyncio's timeout lib before 3.11.2 (#2659)
• 66a4d6b AsyncIO Race Condition Fix (#2641)
• 318b114 Version 4.5.2 (#2627)
• 1b2f408 Fix behaviour of async PythonParser to match RedisParser as for issue #2349 (...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)