chore(deps) Update dependency bleach to v6

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
bleach	^5.0.1 -> ^6.0.0

---

Release Notes

mozilla/bleach

v6.0.0

Compare Source

Backwards incompatible changes

• bleach.clean, bleach.sanitizer.Cleaner,
  bleach.html5lib_shim.BleachHTMLParser: the tags and protocols
  arguments were changed from lists to sets.

  Old pre-6.0.0:

  .. code-block:: python

  bleach.clean(
  "some text",
  tags=["a", "p", "img"],

^ ^ list

     protocols=["http", "https"],

^ ^ list

 )

New 6.0.0 and later:

.. code-block:: python

 bleach.clean(
     "some text",
     tags={"a", "p", "img"},

^ ^ set

     protocols={"http", "https"},

^ ^ set

 )

• bleach.linkify, bleach.linkifier.Linker: the skip_tags and
  recognized_tags arguments were changed from lists to sets.

  Old pre-6.0.0:

  .. code-block:: python

  bleach.linkify(
  "some text",
  skip_tags=["pre"],

^ ^ list

 )

 linker = Linker(
     skip_tags=["pre"],

^ ^ list

     recognized_tags=html5lib_shim.HTML_TAGS + ["custom-element"],

^ ^ ^ list

|

| list concatenation

 )

New 6.0.0 and later:

.. code-block:: python

 bleach.linkify(
     "some text",
     skip_tags={"pre"},

^ ^ set

 )

 linker = Linker(
     skip_tags={"pre"},

^ ^ set

     recognized_tags=html5lib_shim.HTML_TAGS | {"custom-element"},

^ ^ ^ set

|

| union operator

 )

• bleach.sanitizer.BleachSanitizerFilter: strip_allowed_elements is now
  strip_allowed_tags. We now use "tags" everywhere rather than a mishmash
  of "tags" in some places and "elements" in others.

Security fixes

None

Bug fixes

• Add support for Python 3.11. (#​675)

• Fix API weirness in BleachSanitizerFilter. (#​649)

  We're using "tags" instead of "elements" everywhere--no more weird
  overloading of "elements" anymore.

  Also, it no longer calls the superclass constructor.

• Add warning when css_sanitizer isn't set, but the style
  attribute is allowed. (#​676)

• Fix linkify handling of character entities. (#​501)

• Rework dev dependencies to use requirements-dev.txt and
  requirements-flake8.txt instead of extras.

• Fix project infrastructure to be tox-based so it's easier to have CI
  run the same things we're running in development and with flake8
  in an isolated environment.

• Update action versions in CI.

• Switch to f-strings where possible. Make tests parametrized to be
  easier to read/maintain.

---

Configuration

📅 Schedule: Branch creation - "before 8am on Monday" in timezone America/Chicago, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[github-advanced-security]

You have successfully added a new SonarCloud configuration ``. As part of the setup process, we have scanned this repository and found no existing alerts. In the future, you will see all code scanning alerts on the repository Security tab.