⬆️ Bump colander from 1.8.3 to 2.0

[dependabot]

Bumps colander from 1.8.3 to 2.0.

Changelog

Sourced from colander's changelog.

2.0 (2022-01-02)

• Drop support for Python 2.7, 3.4, 3.5, 3.6.

• Add support for Python 3.10, 3.11.

• [breaking] If a bytes object is serialized by a String schema node with the encoding parameter specified, it will be passed through directly to str first, causing it to come out with a b'' prefix. In order to serialize it properly, it should be decoded to a string first. Previously, when the encoding parameter was specified it would be decoded and re-encoded, effectively passing it through untouched, despite not being a string type.

• Add a new colander.DataURL validator. See Pylons/colander#348

• Add IDN support to colander.url. See Pylons/colander#352

• colander.All now supports colander.Invalid.msg being None or a list, otherwise colander.Invalid.asdict crashes with TypeError: sequence item 1: expected str instance, NoneType found. See Pylons/colander#333 and Pylons/colander#194

• Fixed an issue with colander.Mapping and colander.Sequence where a default value of drop caused missing values to be dropped during deserialization. (Only missing values should affect deserialization, and only default values should affect serialization.) Added many new test cases for MappingSchema and SequenceSchema. See Pylons/colander#264

• Remove the dependency on setuptools for resolving pkg_resources-style importable paths in colander.GlobalObject.

• Refresh localization files with Babel 2.11.

Commits

• dcec3bc compile message catalogs
• cf0a71e fix up setuptools to avoid warnings about including static subfolders
• b2f0ce3 Merge pull request #354 from Pylons/localizations
• dd5ba48 prep 2.0
• 972d791 add a note on updating localizations
• 321407c update localizations
• cb25e70 drop setuptools dependency for GlobalObject
• 91400b1 clean up the extra test case when a sequence is empty
• d26557f Merge branch 'pr/264'
• 704a078 Merge branch 'main'
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

> **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[ndittren]

@dependabot rebase

[ndittren]

@dependabot rebase

[ndittren]

@dependabot rebase

[dependabot]

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

[ndittren]

@dependabot recreate

[ndittren]

@dependabot recreate

[nikolas]

@dependabot rebase

[nikolas]

@dependabot rebase