Update itsdangerous requirement from ~=1.1 to >=1.1,<3.0

[dependabot]

Updates the requirements on itsdangerous to permit the latest version.

Release notes

Sourced from itsdangerous's releases.

2.0.1

• Changes: https://itsdangerous.palletsprojects.com/en/2.0.x/changes/#version-2-0-1

Changelog

Sourced from itsdangerous's changelog.

Version 2.0.1

Released 2021-05-18

• Mark top-level names as exported so type checking understands imports in user projects. :pr:240
• The salt argument to Serializer and Signer can be None again. :issue:237

Version 2.0.0

Released 2021-05-11

• Drop support for Python 2 and 3.5.
• JWS support (JSONWebSignatureSerializer, TimedJSONWebSignatureSerializer) is deprecated. Use a dedicated JWS/JWT library such as authlib instead. :issue:129
• Importing itsdangerous.json is deprecated. Import Python's json module instead. :pr:152
• Simplejson is no longer used if it is installed. To use a different library, pass it as Serializer(serializer=...). :issue:146
• datetime values are timezone-aware with timezone.utc. Code using TimestampSigner.unsign(return_timestamp=True) or BadTimeSignature.date_signed may need to change. :issue:150
• If a signature has an age less than 0, it will raise SignatureExpired rather than appearing valid. This can happen if the timestamp offset is changed. :issue:126
• BadTimeSignature.date_signed is always a datetime object rather than an int in some cases. :issue:124
• Added support for key rotation. A list of keys can be passed as secret_key, oldest to newest. The newest key is used for signing, all keys are tried for unsigning. :pr:141
• Removed the default SHA-512 fallback signer from default_fallback_signers. :issue:155
• Add type information for static typing tools. :pr:186

Version 1.1.0

Released 2018-10-26

• Change default signing algorithm back to SHA-1. :pr:113
• Added a default SHA-512 fallback for users who used the yanked 1.0.0 release which defaulted to SHA-512. :pr:114
• Add support for fallback algorithms during deserialization to support changing the default in the future without breaking existing

... (truncated)

Commits

• 8f39dd3 Merge pull request #242 from pallets/release-2.0.1
• eccb31f release version 2.0.1
• 87d4e83 Merge pull request #241 from pallets/salt-default
• 41ec419 allow salt=None again
• 15a2e0d Merge pull request #240 from pallets/update-typing
• d2250ed mark top-level names as exported
• 56823cd Merge pull request #236 from pallets/default-branch
• b9c36cc rename default branch in files
• 0f37243 start version 2.0.1.dev0
• d101100 Merge pull request #235 from pallets/release-2.0.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)