fix(deps): update dependency cookiecutter to v2 [security]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
cookiecutter	^1.7 -> ^2.0.0

GitHub Vulnerability Alerts

CVE-2022-24065

The package cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

---

Release Notes

cookiecutter/cookiecutter (cookiecutter)

v2.1.1

Compare Source

Documentation updates

• Fix local extensions documentation (#​1686) @​alkatar21

Bugfixes

• Sanitize Mercurial branch information before checkout. (#​1689) @​ericof

This release is made by wonderfull contributors:

@​alkatar21, @​ericof and @​jensens

v2.1.0

Compare Source

Changes

• Move contributors and backers to credits section (#​1599) @​doobrie
• test_generate_file_verbose_template_syntax_error fixed (#​1671) @​MaciejPatro
• Removed changes related to setuptools_scm (#​1629) @​ozer550
• Feature/local extensions (#​1240) @​mwesterhof

CI/CD and QA changes

• Check manifest: pre-commit, fixes, cleaning (#​1683) @​jensens
• Follow PyPA guide to release package using GitHub Actions. (#​1682) @​ericof

Documentation updates

• Fix typo in dict_variables.rst (#​1680) @​ericof
• Documentation overhaul (#​1677) @​jensens
• Fixed incorrect link on docs. (#​1649) @​luzfcb

Bugfixes

• Restore accidentally deleted support for click 8.x (#​1643) @​jaklan

This release was made possible by our wonderful contributors:

@​doobrie, @​jensens, @​ericof, @​luzfcb

v1.7.3

Compare Source

• Fixed jinja2 and markupsafe dependencies

---

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: poetry.lock

Updating dependencies
Resolving dependencies...

[SolverProblemError]
The current project's Python requirement (^3.6) is not compatible with some of the required packages Python requirement:
  - cookiecutter requires Python >=3.7
  - cookiecutter requires Python >=3.7
  - cookiecutter requires Python >=3.7
  - cookiecutter requires Python >=3.7
  - cookiecutter requires Python >=3.7
  - cookiecutter requires Python >=3.7
  - cookiecutter requires Python >=3.7
  - cookiecutter requires Python >=3.7
  - cookiecutter requires Python >=3.7
  - cookiecutter requires Python >=3.7

Because no versions of cookiecutter match >=2.0.0,<2.1.0 || >2.1.0,<2.1.1 || >2.1.1,<2.2.0 || >2.2.0,<2.2.2 || >2.2.2,<2.2.3 || >2.2.3,<2.3.0 || >2.3.0,<2.3.1 || >2.3.1,<2.4.0 || >2.4.0,<2.5.0 || >2.5.0,<2.6.0 || >2.6.0,<3.0.0
 and cookiecutter (2.1.0) requires Python >=3.7, cookiecutter is forbidden.
And because cookiecutter (2.1.1) requires Python >=3.7
 and cookiecutter (2.2.0) requires Python >=3.7, cookiecutter is forbidden.
And because cookiecutter (2.2.2) requires Python >=3.7
 and cookiecutter (2.2.3) requires Python >=3.7, cookiecutter is forbidden.
And because cookiecutter (2.3.0) requires Python >=3.7
 and cookiecutter (2.3.1) requires Python >=3.7, cookiecutter is forbidden.
And because cookiecutter (2.4.0) requires Python >=3.7
 and cookiecutter (2.5.0) requires Python >=3.7, cookiecutter is forbidden.
So, because cookiecutter (2.6.0) requires Python >=3.7
 and python-library-project-generator depends on cookiecutter (^2.0.0), version solving failed.