Update dependency itsdangerous to v2

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
itsdangerous (changelog)	==0.24 -> ==2.2.0

---

Release Notes

pallets/itsdangerous (itsdangerous)

v2.2.0

Compare Source

Released 2024-04-16

• Drop support for Python 3.7. :pr:372
• Use modern packaging metadata with pyproject.toml instead of setup.cfg.
  :pr:326
• Use flit_core instead of setuptools as build backend.
• Deprecate the __version__ attribute. Use feature detection, or
  importlib.metadata.version("itsdangerous"), instead. :issue:371
• Serializer and the return type of dumps is generic for type checking.
  By default it is Serializer[str] and dumps returns a str. If a
  different serializer argument is given, it will try to infer the return
  type of its dumps method. :issue:347
• The default hashlib.sha1 may not be available in FIPS builds. Don't
  access it at import time so the developer has time to change the default.
  :issue:375

v2.1.2

Compare Source

Released 2022-03-24

• Handle date overflow in timed unsign on 32-bit systems. :pr:299

v2.1.1

Compare Source

Released 2022-03-09

• Handle date overflow in timed unsign. :pr:296

v2.1.0

Compare Source

Released 2022-02-17

• Drop support for Python 3.6. :pr:272

• Remove previously deprecated code. :pr:273

  • JWS functionality: Use a dedicated library such as Authlib
    instead.
  • import itsdangerous.json: Import json from the standard
    library instead.

v2.0.1

Compare Source

Released 2021-05-18

• Mark top-level names as exported so type checking understands
  imports in user projects. :pr:240
• The salt argument to Serializer and Signer can be
  None again. :issue:237

v2.0.0

Compare Source

Released 2021-05-11

• Drop support for Python 2 and 3.5.
• JWS support (JSONWebSignatureSerializer,
  TimedJSONWebSignatureSerializer) is deprecated. Use a dedicated
  JWS/JWT library such as authlib instead. :issue:129
• Importing itsdangerous.json is deprecated. Import Python's
  json module instead. :pr:152
• Simplejson is no longer used if it is installed. To use a different
  library, pass it as Serializer(serializer=...). :issue:146
• datetime values are timezone-aware with timezone.utc. Code
  using TimestampSigner.unsign(return_timestamp=True) or
  BadTimeSignature.date_signed may need to change. :issue:150
• If a signature has an age less than 0, it will raise
  SignatureExpired rather than appearing valid. This can happen if
  the timestamp offset is changed. :issue:126
• BadTimeSignature.date_signed is always a datetime object
  rather than an int in some cases. :issue:124
• Added support for key rotation. A list of keys can be passed as
  secret_key, oldest to newest. The newest key is used for
  signing, all keys are tried for unsigning. :pr:141
• Removed the default SHA-512 fallback signer from
  default_fallback_signers. :issue:155
• Add type information for static typing tools. :pr:186

v1.1.0

Compare Source

Released 2018-10-26

• Change default signing algorithm back to SHA-1. :pr:113
• Added a default SHA-512 fallback for users who used the yanked 1.0.0
  release which defaulted to SHA-512. :pr:114
• Add support for fallback algorithms during deserialization to
  support changing the default in the future without breaking existing
  signatures. :pr:113
• Changed capitalization of packages back to lowercase as the change
  in capitalization broke some tooling. :pr:113

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.