🚀 pip: bump jinja2 from 3.1.3 to 3.1.4 #945

Merged: 2 commits merged on May 17, 2024

@dependabot dependabot bot commented on behalf of github May 6, 2024

Bumps jinja2 from 3.1.3 to 3.1.4.

Release notes

Sourced from jinja2's releases.

3.1.4

This is the Jinja 3.1.4 security release, which fixes security issues and bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/Jinja2/3.1.4/
Changes: https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4

  • The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

Changelog

Sourced from jinja2's changelog.

Version 3.1.4

Released 2024-05-05

  • The xmlattr filter does not allow keys with / solidus, > greater-than sign, or = equals sign, in addition to disallowing spaces. Regardless of any validation done by Jinja, user input should never be used as keys to this filter, or must be separately validated first. GHSA-h75v-3vvj-5mfj

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.1.3...3.1.4)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels May 6, 2024
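
The release note's advice to validate keys separately before they reach xmlattr, sketched as an added example (not code from this PR, from Jinja, or from the jmbde project). The allowlist ALLOWED_KEYS, the function names validate_attr_keys, render_tag and check_samples, and the sample inputs are assumptions constructed for illustration.

```python
import re

# Characters the 3.1.4 release note names as rejected in xmlattr keys
# (space, "/", ">", "="). Using \s here is a slightly broader assumption.
FORBIDDEN_KEY_CHARS = re.compile(r"[\s/>=]")

# Hypothetical application policy: the only attribute names this template
# is expected to emit. A syntactically clean key can still be an attribute
# you do not want, so the allowlist is the primary control.
ALLOWED_KEYS = frozenset({"id", "class", "title", "lang", "data-role"})


class RejectedAttribute(ValueError):
    """Raised when a caller-supplied attribute key fails validation."""


def validate_attr_keys(attrs, allowed=ALLOWED_KEYS):
    """Return a copy of attrs whose keys are safe to hand to xmlattr.

    Raises RejectedAttribute on the first key that is not a string, is empty,
    contains a forbidden character, or is missing from the allowlist.
    """
    clean = {}
    for key, value in attrs.items():
        if not isinstance(key, str) or not key:
            raise RejectedAttribute(f"non-string or empty key: {key!r}")
        if FORBIDDEN_KEY_CHARS.search(key):
            raise RejectedAttribute(f"forbidden character in key: {key!r}")
        if key not in allowed:
            raise RejectedAttribute(f"key not in allowlist: {key!r}")
        clean[key] = value
    return clean


def render_tag(attrs):
    """Render a <div> with validated attribute keys (requires jinja2)."""
    from jinja2 import Environment  # lazy import: validation works without it

    env = Environment(autoescape=True)
    template = env.from_string("<div{{ attrs|xmlattr }}></div>")
    return template.render(attrs=validate_attr_keys(attrs))


# Constructed sample inputs: one acceptable dict, then one per rejected case.
SAMPLES = [
    {"id": "row-1", "class": "item"},
    {"class x": "item"},
    {"a/b": "1"},
    {"a>b": "1"},
    {"a=b": "1"},
    {"style": "color: red"},
]


def check_samples(samples=SAMPLES):
    """Return 'ok' or the rejection reason for each sample dict."""
    results = []
    for sample in samples:
        try:
            validate_attr_keys(sample)
            results.append("ok")
        except RejectedAttribute as exc:
            results.append(str(exc).split(":")[0])
    return results
```

Validation runs before the template is rendered, so a rejected key never reaches the filter regardless of which Jinja version is installed.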

github-actions bot commented May 6, 2024

Here are some friendly prose warnings from write-good:

In ./README.md
=============
jmbde is a program for the management of resources in companies. With the staff 
^^^^^
"jmbde" is repeated on line 3 at column 0
-------------
 need for their work can be used in this program. need to be recorded.
                         ^^^^^^^
"be used" may be passive voice on line 4 at column 39
-------------
in this program. need to be recorded.
                         ^^^^^^^^^^^
"be recorded" may be passive voice on line 4 at column 72
-------------
ompiler supporting C++17 is required, namely GCC-11, Clang-13, or Visual C++ 201
                         ^^^^^^^^^^^
"is required" may be passive voice on line 53 at column 28
-------------
jmbde uses the cross platform framework [Qt](http://www.qt.io/download-open-sour
^^^^^
"jmbde" is repeated on line 65 at column 0
-------------
Documentation is located at [Github Pages](https://strangequark1041.github.io/sa
^^^^^^^^^^^^^
"Documentation" is repeated on line 70 at column 0
-------------
Documentation is located at [Github Pages](https://strangequark1041.github.io/sa
              ^^^^^^^^^^
"is located" may be passive voice on line 70 at column 14
-------------
Samarium is distributed under the permissive [MIT License](LICENSE.md).
         ^^^^^^^^^^^^^^
"is distributed" may be passive voice on line 76 at column 9
-------------
n redistribute it and/or modify it under the terms
                         ^^^^^^
"modify" is wordy or unneeded on line 87 at column 62
-------------
This program is distributed in the hope that it will be useful, but WITHOUT ANY
             ^^^^^^^^^^^^^^
"is distributed" may be passive voice on line 91 at column 13
-------------
Qt is available under several [licenses](https://www.qt.io/licensing/).
                      ^^^^^^^
"several" is a weasel word on line 98 at column 22


In ./CONTRIBUTING.md
=============
d the following sections in
                         ^^^^^^^^^^^
"in
order to" is wordy or unneeded on line 3 at column 82
-------------
    requesting for exactly.
                   ^^^^^^^
"exactly" can weaken meaning on line 14 at column 19
-------------
request when you are finished, wait for reviews and apply suggestions from the
                 ^^^^^^^^^^^^
"are finished" may be passive voice on line 26 at column 17
-------------
gle for what you want to implement is usually helpful.
                         ^^^^^^^^^
"implement" is wordy or unneeded on line 34 at column 56
-------------
you want to implement is usually helpful.
                         ^^^^^^^
"usually" can weaken meaning on line 34 at column 69
-------------
Copy and modify the source codes if you want to implement something similar to a
         ^^^^^^
"modify" is wordy or unneeded on line 35 at column 9
-------------
rce codes if you want to implement something similar to an
                         ^^^^^^^^^
"implement" is wordy or unneeded on line 35 at column 48
-------------
t to implement something similar to an
                         ^^^^^^^^^^
"similar to" is wordy or unneeded on line 35 at column 68
-------------
5/signalsandslots.html). Usually, you don't
                         ^^^^^^^
"Usually" can weaken meaning on line 47 at column 66
-------------
issues) and find one you are interested
                         ^^^^^^^^^^^^^^
"are interested" may be passive voice on line 52 at column 72
-------------
on how you would like to implement it) before
                         ^^^^^^^^^
"implement" is wordy or unneeded on line 60 at column 68
-------------
3. You will be notified if this feature is not going to be accepted, or the "bug
            ^^^^^^^^^^^
"be notified" may be passive voice on line 65 at column 12
-------------
 feature is not going to be accepted, or the "bug" is
                         ^^^^^^^^^^^
"be accepted" may be passive voice on line 65 at column 56
-------------
uest. If you want to add multiple features/fix multiple
                         ^^^^^^^^
"multiple" is wordy or unneeded on line 71 at column 55
-------------
dd multiple features/fix multiple
                         ^^^^^^^^
"multiple" is wordy or unneeded on line 71 at column 77
-------------
y are not relevant, open multiple pull requests. You may need to create
                         ^^^^^^^^
"multiple" is wordy or unneeded on line 72 at column 41
-------------
    multiple branches to open multiple pull requests, you can learn git branchin
    ^^^^^^^^
"multiple" is wordy or unneeded on line 73 at column 4
-------------
ultiple branches to open multiple pull requests, you can learn git branching
                         ^^^^^^^^
"multiple" is wordy or unneeded on line 73 at column 30
-------------
    However, the rules are optional, the key is that, others and yourself in the
    ^^^^^^^
"However" is wordy or unneeded on line 81 at column 4
-------------
ould understand what has been changed and why these changes are made.
                         ^^^^^^^^^^^^
"been changed" may be passive voice on line 82 at column 31
-------------
ed and why these changes are made.
                         ^^^^^^^^
"are made" may be passive voice on line 82 at column 66
-------------
 Linux and Mac OS should be supported.
                         ^^^^^^^^^^^^
"be supported" may be passive voice on line 90 at column 37
-------------
ark system themes should be supported.
                         ^^^^^^^^^^^^
"be supported" may be passive voice on line 91 at column 41
-------------
uct](CODE_OF_CONDUCT.md) in order to build a
                         ^^^^^^^^^^^
"in order to" is wordy or unneeded on line 92 at column 67
-------------
Can I do it well if I've just started?
                         ^^^^
"just" can weaken meaning on line 97 at column 29
-------------
    -   No, you only need to know how to
                ^^^^
"only" can weaken meaning on line 102 at column 16
-------------
    -   If the CI tests are passed, it's probably because the submodules are upd
                        ^^^^^^^^^^
"are passed" may be passive voice on line 106 at column 24
-------------
y because the submodules are updated.
                         ^^^^^^^^^^^
"are updated" may be passive voice on line 106 at column 73


In ./docs/database-design.md
=============
             | This is a many to many relation   |
                         ^^^^
"many" is a weasel word and can weaken meaning on line 156 at column 57
-------------
     | This is a many to many relation   |
                         ^^^^
"many" is a weasel word and can weaken meaning on line 156 at column 65
-------------
   | The Printer(s) they are connected |
                         ^^^^^^^^^^^^^
"are connected" may be passive voice on line 157 at column 67
-------------
     | with this device. Many to many,   |
                         ^^^^
"Many" is a weasel word and can weaken meaning on line 158 at column 65
-------------
ith this device. Many to many,   |
                         ^^^^
"many" is a weasel word and can weaken meaning on line 158 at column 73
-------------
|                     | (Many to Many)                 |
                         ^^^^
"Many" is a weasel word and can weaken meaning on line 167 at column 48
-------------
              | (Many to Many)                 |
                         ^^^^
"Many" is a weasel word and can weaken meaning on line 167 at column 56
-------------
|                     | (Many to Many)                 |
                         ^^^^
"Many" is a weasel word and can weaken meaning on line 169 at column 48
-------------
              | (Many to Many)                 |
                         ^^^^
"Many" is a weasel word and can weaken meaning on line 169 at column 56
-------------
ers for the department. (Many to Many) |
                         ^^^^
"Many" is a weasel word and can weaken meaning on line 179 at column 74
-------------
the department. (Many to Many) |
                         ^^^^
"Many" is a weasel word and can weaken meaning on line 179 at column 82
-------------
xes for the department. (Many to Many)    |
                         ^^^^
"Many" is a weasel word and can weaken meaning on line 180 at column 71
-------------
the department. (Many to Many)    |
                         ^^^^
"Many" is a weasel word and can weaken meaning on line 180 at column 79
-------------
           | relation to to ZipCity                           |
                         ^^
"to" is repeated on line 309 at column 54
-------------
R             | Name and type of the Processor |
                         ^^^^^^^
"type of" is wordy or unneeded on line 405 at column 48


In ./CHANGELOG.md
=============
- Implement Checks in Styles workflow [\#261](https://github.com/jmuelbert/jmbde
  ^^^^^^^^^
"Implement" is wordy or unneeded on line 14 at column 2
-------------
vans/create-pull-request requirement to v3.5.2 [\#132](https://github.com/jmuelb
                         ^^^^^^^^^^^
"requirement" is wordy or unneeded on line 108 at column 41
-------------
- Update actions/cache requirement to v2.1.3 [\#131](https://github.com/jmuelber
                       ^^^^^^^^^^^
"requirement" is wordy or unneeded on line 109 at column 23
-------------
- Update actions/cache requirement to v2.1.3 [\#100](https://github.com/jmuelber
                       ^^^^^^^^^^^
"requirement" is wordy or unneeded on line 133 at column 23


In ./SECURITY.md
=============
currently being supported with security updates.
^^^^^^^^^
"currently" can weaken meaning on line 6 at column 0
-------------
currently being supported with security updates.
          ^^^^^^^^^^^^^^^
"being supported" may be passive voice on line 6 at column 10
-------------
ect if the vulnerability is accepted or
                         ^^^^^^^^^^^
"is accepted" may be passive voice on line 20 at column 60


In ./.github/ISSUE_TEMPLATE/feature_request.md
=============
**Additional context** Add any other context or screenshots about the feature re
  ^^^^^^^^^^
"Additional" is wordy or unneeded on line 18 at column 2


In ./.github/ISSUE_TEMPLATE/bug_report.md
=============
**Additional context** Add any other context about the problem here.
  ^^^^^^^^^^
"Additional" is wordy or unneeded on line 35 at column 2


In ./.github/PULL_REQUEST_TEMPLATE.md
=============
s one or more issues, or is related to
                         ^^^^^^^^^^
"is related" may be passive voice on line 10 at column 55
-------------
## How Has This Been Tested?
                ^^^^^^^^^^^
"Been Tested" may be passive voice on line 18 at column 16
-------------
request before all these are done, but
                         ^^^^^^^^
"are done" may be passive voice on line 28 at column 51
-------------
     they should be done before getting merged. -->
                 ^^^^^^^
"be done" may be passive voice on line 29 at column 17
-------------
 If the key of a setting is changed, the 'old' attribute is updated or it is
                         ^^^^^^^^^^
"is changed" may be passive voice on line 31 at column 32
-------------
ged, the 'old' attribute is updated or it is
                         ^^^^^^^^^^
"is updated" may be passive voice on line 31 at column 64
-------------
 attribute is updated or it is
                         ^^^^^
"it is" is wordy or unneeded on line 31 at column 78
-------------
tribute is updated or it is
                         ^^^^^^^^^^^^^^^^^^^
"is
        resolved" may be passive voice on line 31 at column 81
-------------
isplayed in the UI, they are wrapped in 'tr()'
                         ^^^^^^^^^^^
"are wrapped" may be passive voice on line 33 at column 67
-------------
hanges are notable, they are documented in
                         ^^^^^^^^^^^^^^
"are documented" may be passive voice on line 37 at column 43
-------------
## Additional text
   ^^^^^^^^^^
"Additional" is wordy or unneeded on line 40 at column 3
-------------
the translations need to be updated. --->
                         ^^^^^^^^^^
"be updated" may be passive voice on line 43 at column 45


In ./README_de.md
=============
jmbde ist ein Programm für das Management von Ressourcen in Unternehmen. Mit die
^^^^^
"jmbde" is repeated on line 9 at column 0
-------------
rzeichnis und führen Sie sie aus:
                         ^^^
"sie" is repeated on line 62 at column 60
-------------
n redistribute it and/or modify it under the terms
                         ^^^^^^
"modify" is wordy or unneeded on line 217 at column 62
-------------
This program is distributed in the hope that it will be useful, but WITHOUT ANY
             ^^^^^^^^^^^^^^
"is distributed" may be passive voice on line 221 at column 13


In ./CODE_OF_CONDUCT.md
=============
-   Giving and gracefully accepting constructive feedback
               ^^^^^^^^^^
"gracefully" can weaken meaning on line 21 at column 15
-------------
sing on what is best not just for us as individuals, but for the overall
                         ^^^^
"just" can weaken meaning on line 24 at column 33
-------------
individuals, but for the overall
                         ^^^^^^^
"overall" is wordy or unneeded on line 24 at column 73
-------------
t which could reasonably be considered inappropriate in a professional
                         ^^^^^^^^^^^^^
"be considered" may be passive voice on line 35 at column 41
-------------
nacceptable behavior may be reported to
                         ^^^^^^^^^^^
"be reported" may be passive voice on line 58 at column 72
-------------
complaints will be reviewed and investigated promptly and fairly.
                ^^^^^^^^^^^
"be reviewed" may be passive voice on line 60 at column 16
-------------
eviewed and investigated promptly and fairly.
                         ^^^^^^^^
"promptly" can weaken meaning on line 60 at column 45
-------------
nvestigated promptly and fairly.
                         ^^^^^^
"fairly" is a weasel word and can weaken meaning on line 60 at column 58
-------------
All community leaders are obligated to respect the privacy and security of the r
                      ^^^^^^^^^^^^^
"are obligated" may be passive voice on line 62 at column 22
-------------
te. A public apology may be requested.
                         ^^^^^^^^^^^^
"be requested" may be passive voice on line 77 at column 36
-------------
Conduct, is allowed during this period. Violating these terms may lead to a perm
         ^^^^^^^^^^
"is allowed" may be passive voice on line 97 at column 9
-------------
This Code of Conduct is adapted from the [Contributor Covenant][homepage], versi
                     ^^^^^^^^^^
"is adapted" may be passive voice on line 111 at column 21
-------------
munity Impact Guidelines were inspired by
                         ^^^^^^^^^^^^^
"were inspired" may be passive voice on line 114 at column 28

@jmuelbert jmuelbert merged commit 1de5dac into main May 17, 2024
9 of 16 checks passed
@jmuelbert jmuelbert deleted the dependabot/pip/jinja2-3.1.4 branch May 17, 2024 15:01