Update safety requirement from ~=2.2 to ~=2.3 in /.dev

[dependabot]

Updates the requirements on safety to permit the latest version.

Changelog

Sourced from safety's changelog.

[2.3.1] - 2022-10-05

• Add safety.alerts module to setup.cfg

[2.3.0] - 2022-10-05

• Safety can now create GitHub PRs and Issues for vulnerabilities directly, with the new safety alert subcommand.
• Support for GitHub PR and Issue alerting has been added to the GitHub Action.

[2.2.1] - 2022-10-04

• Fixed the use of the SAFETY_COLOR environment variable
• Fixed bug in the case of vulnerabilities without a CVE linked
• Fixed GitHub version in the README

[2.2.0] - 2022-09-19

• Safety starts to use dparse to parse files, now Safety supports mainly Poetry and Pipenv lock files plus other files supported by dparse.
• Added logic for custom integrations like pipenv check.
• The --db flag is compatible remote sources too.
• Added more logging
• Upgrade dparse dependency to avoid a possible ReDos security issue
• Removed Travis and Appveyor, the CI/CD was migrated to GitHub Actions

[2.1.1] - 2022-07-18

• Fix crash when running on systems without git present (Thanks @​andyjones)

[2.1.0] - 2022-07-14

Summary:

• Improved error messages & fixed issues with proxies
• Fixed license command
• Added the ability for scan outputs to be sent to pyup.io. This will only take effect if using an API key, the feature is enabled on your profile, and the --disable-audit-and-monitor is not set
• Added the ability to have a Safety policy file set centrally on your pyup.io profile. This remote policy file will be used if there's no local policy file present, otherwise a warning will be issued.

Updated outputs:

• Text & screen output: If a scan has been logged, this is now mentioned in the output.
• JSON output: The JSON output now includes git metadata about the folder Safety was run in. It also includes a version field, and telemetry information that would be sent separately. There are no breaking changes in the output.

New inputs:

• New command line flags
  • The --disable-audit-and-monitor flag can be set to disable sending a scan's result to pyup.io
  • The --project flag can be set to manually specify a project to associate these scans with. By default, it'll autodetect based on the current folder and git.

[2.0.0] - 2022-06-28

Summary:

• Compared to previous versions, Safety 2.0 will be a significant update that includes new features and refactors, resulting in breaking changes to some inputs and outputs.

Updated outputs:

• Text & screen output: Upgraded the text and screen outputs, removing the old table style and adding new data and formats to vulnerabilities.
• JSON output: New and updated JSON output (breaking change). Safety adds all the possible information in the JSON report. The structure of this JSON file has been improved.
• Improved the support for exit codes. There are now custom exit codes with detailed information about the result. Examples include: VULNERABILITIES_FOUND and INVALID_API_KEY.
• Added remediations (fix recommendations) sections to outputs. Now, Safety will suggest the steps to fix a detected vulnerability when an API key is used.

... (truncated)

Commits

• 6631403 Fix bugged 2.3.0 release - safety.alerts module not included in setup.cfg
• 12cd289 Version 2.3.0
• 43dd831 Fix workflows for master -> main rename
• 40fb27a Merge pull request #415 from pyupio/develop
• 679cd54 Add dataclasses requirement to test_requirements.txt
• 1134fb9 Fix test case with expanded more_info_url
• 320aa5c Merge branch 'main' into develop
• 195aefc Merge pull request #411 from cb22/develop
• 1172ea6 Handle cvss3 score being None it utils too
• 5717d5a Handle when optional extras are not installed
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)