build: Scheduled monthly dependency update for January

[pyup-bot]

Update lxml from 4.6.4 to 4.7.1.

Changelog

4.7.1

==================

Features added
--------------

* Chunked Unicode string parsing via ``parser.feed()`` now encodes the input data
to the native UTF-8 encoding directly, instead of going through ``Py_UNICODE`` /
``wchar_t`` encoding first, which previously required duplicate recoding in most cases.

Bugs fixed
----------

* The standard namespace prefixes were mishandled during "C14N2" serialisation on Python 3.
See https://mail.python.org/archives/list/lxmlpython.org/thread/6ZFBHFOVHOS5GFDOAMPCT6HM5HZPWQ4Q/

* ``lxml.objectify`` previously accepted non-XML numbers with underscores (like "1_000")
as integers or float values in Python 3.6 and later. It now adheres to the number
format of the XML spec again.

* LP1939031: Static wheels of lxml now contain the header files of zlib and libiconv
(in addition to the already provided headers of libxml2/libxslt/libexslt).

Other changes
-------------

* Wheels include libxml2 2.9.12+ and libxslt 1.1.34 (also on Windows).

4.7.0

==================

* Release retracted due to missing files in lxml/includes/.

4.6.5

==================

Bugs fixed
----------

* A vulnerability (GHSL-2021-1038) in the HTML cleaner allowed sneaking script
content through SVG images.

* A vulnerability (GHSL-2021-1037) in the HTML cleaner allowed sneaking script
content through CSS imports and other crafted constructs.

Links

• PyPI: https://pypi.org/project/lxml
• Changelog: https://pyup.io/changelogs/lxml/
• Homepage: https://lxml.de/