Update dependency cookiecutter to v2 [SECURITY]

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
cookiecutter	==1.7.0 -> ==2.1.1

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

GitHub Vulnerability Alerts

CVE-2022-24065

The package cookiecutter before 2.1.1 is vulnerable to Command Injection via hg argument injection. When calling the cookiecutter function from Python code with the checkout parameter, it is passed to the hg checkout command in a way that additional flags can be set. The additional flags can be used to perform a command injection.

---

Release Notes

cookiecutter/cookiecutter (cookiecutter)

v2.1.1

Compare Source

Documentation updates

• Fix local extensions documentation (#​1686) @​alkatar21

Bugfixes

• Sanitize Mercurial branch information before checkout. (#​1689) @​ericof

This release is made by wonderfull contributors:

@​alkatar21, @​ericof and @​jensens

v2.1.0

Compare Source

Changes

• Move contributors and backers to credits section (#​1599) @​doobrie
• test_generate_file_verbose_template_syntax_error fixed (#​1671) @​MaciejPatro
• Removed changes related to setuptools_scm (#​1629) @​ozer550
• Feature/local extensions (#​1240) @​mwesterhof

CI/CD and QA changes

• Check manifest: pre-commit, fixes, cleaning (#​1683) @​jensens
• Follow PyPA guide to release package using GitHub Actions. (#​1682) @​ericof

Documentation updates

• Fix typo in dict_variables.rst (#​1680) @​ericof
• Documentation overhaul (#​1677) @​jensens
• Fixed incorrect link on docs. (#​1649) @​luzfcb

Bugfixes

• Restore accidentally deleted support for click 8.x (#​1643) @​jaklan

This release was made possible by our wonderful contributors:

@​doobrie, @​jensens, @​ericof, @​luzfcb

v1.7.3

Compare Source

• Fixed jinja2 and markupsafe dependencies

v1.7.2

Compare Source

• Fixed: Jinja2&Six version limits causing build errors with ansible project @​insspb (#​1385)

v1.7.1

Compare Source

This release was focused on internal code and CI/CD changes. During this release
all code was verified to match pep8, pep257 and other code-styling guides.
Project CI/CD was significantly changed, Windows platform checks based on Appveyor
engine was replaced by GitHub actions tests. Appveyor was removed. Also our
CI/CD was extended with Mac builds, to verify project builds on Apple devices.

Important Changes:

• Added: Added debug messages for get_user_config @​ssbarnea (#​1357)
• Multiple templates per one repository feature added. @​RomHartmann (#​1224, #​1063)
• Update replay.py json.dump indent for easy viewing @​nicain (#​1293)
• 'future' library replaced with 'six' as a more lightweight python porting library @​asottile (#​941)
• Added extension: Slugify template filter @​ppanero (#​1336)
• Added command line option: --skip-if-file-exists, allow to skip the existing files when doing overwrite_if_exists. @​chhsiao1981 (#​1076)
• Some packages versions limited to be compatible with python2.7 and python 3.5 @​insspb (#​1349)

Internal CI/CD and tests changes:

• Coverage comment in future merge requests disabled @​ssbarnea (#​1279)
• Fixed Python 3.8 travis tests and setup.py message @​insspb (#​1295, #​1297)
• Travis builds extended with Windows setup for all supported python versions @​insspb (#​1300, #​1301)
• Update .travis.yml to be compatible with latest travis cfg specs @​luzfcb (#​1346)
• Added new test to improve tests coverage @​amey589 (#​1023)
• Added missed coverage lines highlight to pytest-coverage report @​insspb (#​1352)
• pytest-catchlog package removed from test_requirements, as now it is included in pytest @​insspb (#​1347)
• Fixed cov-report tox invocation environment @​insspb (#​1350)
• Added: Release drafter support and configuration to exclude changelog update work and focus on development @​ssbarnea @​insspb (#​1356, #​1362)
• Added: CI/CD steps for Github actions to speedup CI/CD @​insspb (#​1360)
• Removed: Appveyor CI/CD completely removed @​insspb @​ssbarnea @​insspb (#​1363, #​1367)

Code style and docs changes:

• Added black formatting verification on lint stage + project files reformatting @​ssbarnea @​insspb (#​1368)
• Added pep257 docstring for tests/* files @​insspb (#​1369, #​1370, #​1371, #​1372, #​1373, #​1374, #​1375, #​1376, #​1377, #​1378, #​1380, #​1381)
• Added pep257 docstring for tests/conftests.py @​kishan (#​1272, #​1263)
• Added pep257 docstring for tests/replay/conftest.py @​kishan (#​1270, #​1268)
• Added pep257 docstring for docs/init.py @​kishan (#​1273, #​1265)
• Added missing docstring headers to all files @​croesnick (#​1269, #​1283)
• Gitter links replaced by Slack in README @​browniebroke (#​1282)
• flake8-docstrings tests added to CI/CD @​ssbarnea (#​1284)
• Activated pydocstyle rule: D401 - First line should be in imperative mood @​ssbarnea (#​1285)
• Activated pydocstyle rule: D200 - One-line docstring should fit on one line with quotes @​ssbarnea (#​1288)
• Activated pydocstyle rule: D202 - No blank lines allowed after function docstring @​ssbarnea (#​1288)
• Activated pydocstyle rule: D205 - 1 blank line required between summary line and description @​ssbarnea (#​1286, #​1287)
• Activated pydocstyle rule: ABS101 @​ssbarnea (#​1288)
• Replaced click documentation links to point to version 7 @​igorbasko01 (#​1303)
• Updated submodule link to latest version with documentation links fix @​DanBoothDev (#​1388)
• Fixed links in main README file. @​insspb (#​1342)
• Fix indentation of .cookiecutterrc in README.md @​mhsekhavat (#​1322)
• Changed format of loggers invocation @​insspb (#​1307)

---

Configuration

📅 Schedule: Branch creation - "" in timezone America/Los_Angeles, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.