Bump itsdangerous from 1.1.0 to 2.1.1

[dependabot]

Bumps itsdangerous from 1.1.0 to 2.1.1.

Release notes

Sourced from itsdangerous's releases.

2.1.1

• Changes: https://itsdangerous.palletsprojects.com/en/2.1.x/changes/#version-2-1-1
• Milestone: https://github.com/pallets/itsdangerous/milestone/6?closed=1

2.1.0

• Changes: https://itsdangerous.palletsprojects.com/en/2.1.x/changes/#version-2-1-0
• Milestone: https://github.com/pallets/itsdangerous/milestone/4

2.0.1

• Changes: https://itsdangerous.palletsprojects.com/en/2.0.x/changes/#version-2-0-1

2.0.0

New major versions of all the core Pallets libraries, including ItsDangerous 2.0, have been released! 🎉

• Read the announcement on our blog: https://palletsprojects.com/blog/flask-2-0-released/
• Read the full list of changes: https://itsdangerous.palletsprojects.com/changes/#version-2-0-0
• Retweet the announcement on Twitter: https://twitter.com/PalletsTeam/status/1392266507296514048
• Follow our blog, Twitter, or GitHub to see future announcements.

This represents a significant amount of work, and there are quite a few changes. Be sure to carefully read the changelog, and use tools such as pip-compile and Dependabot to pin your dependencies and control your updates.

2.0.0rc2

• Changes: https://itsdangerous.palletsprojects.com/en/master/changes/#version-2-0-0

Changelog

Sourced from itsdangerous's changelog.

Version 2.1.1

Released 2022-03-09

• Handle date overflow in timed unsign. :pr:296

Version 2.1.0

Released 2022-02-17

• Drop support for Python 3.6. :pr:272

• Remove previously deprecated code. :pr:273

  • JWS functionality: Use a dedicated library such as Authlib instead.
  • import itsdangerous.json: Import json from the standard library instead.

Version 2.0.1

Released 2021-05-18

• Mark top-level names as exported so type checking understands imports in user projects. :pr:240
• The salt argument to Serializer and Signer can be None again. :issue:237

Version 2.0.0

Released 2021-05-11

• Drop support for Python 2 and 3.5.
• JWS support (JSONWebSignatureSerializer, TimedJSONWebSignatureSerializer) is deprecated. Use a dedicated JWS/JWT library such as authlib instead. :issue:129
• Importing itsdangerous.json is deprecated. Import Python's json module instead. :pr:152
• Simplejson is no longer used if it is installed. To use a different library, pass it as Serializer(serializer=...). :issue:146
• datetime values are timezone-aware with timezone.utc. Code using TimestampSigner.unsign(return_timestamp=True) or BadTimeSignature.date_signed may need to change. :issue:150
• If a signature has an age less than 0, it will raise

... (truncated)

Commits

• 38e9d8a Merge pull request #298 from pallets/release-2.1.1
• ff13147 release version 2.1.1
• 25494a8 Merge pull request #296 from alanhamlett/main
• 177196d catch OSError on Windows
• 37f0997 catching year overflow ValueError
• 85b1e3b failing test for year overflow
• 3b76264 start version 2.1.1
• 733783b updates go to 2.1.x
• bfafa65 Merge pull request #288 from pallets/release-2.1.0
• 5b7c2d6 release version 2.1.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Superseded by #60.