Update jsonpickle to 4.0.1

[pyup-bot]

This PR updates jsonpickle from 2.1.0 to 4.0.1.

Changelog

4.0.1

======
 * The unpickler is now more resilient to malformed "py/reduce", "py/set",
   "py/tuple", "py/b64", "py/b85", and "py/iterator" input data. (+544) (+545)
 * The test suite was updated to leverage more pytest features.
 * The ``jsonpickle.compat`` module is no longer used. It is still provided
   for backwards compatibility but it may be removed in a future version.

4.0.0

======
 * **Breaking Change**: Python 3.7 is no longer supported.
 * **Breaking Change**: Support for pre-0.7.0 ``repr``-serialized objects is no
   longer enabled by default. The ``safe`` option to ``decode()`` was changed from
   ``False`` to ``True``. Users can still pass ``safe=False`` to ``decode()`` in order
   to enable this feature for the purposes of loading older files, but beware that
   this feature relies on unsafe behavior through its use of ``eval()``. Users are
   encouraged to re-pickle old data in order to migrate away from the the unsafe loading
   feature. (+514)
 * The pickler no longer produces ``py/repr`` tags when pickling modules.
   ``py/mod`` is used instead, as it is clearer and uses one less byte. (+514)
 * The test suite no longer uses the deprecated ``datetime.datetime.utcnow()``
   function. (+539)

3.4.2

======
 * The breaking changes from v4 were inadvertedly included in v3.4.1, which has
   been yanked. This release remedies this by reverting the v4 changes.

3.4.1

======
 * Support decoding pandas dataframes encoded with versions 3.3.0 and older. (+536)

3.4.0

======
 * Officially support Python 3.12 in the GitHub Actions testing matrix, and update
   GHA package versions used. (+524)
 * Improve reproducibility of benchmarking commands on Linux by using taskset and
   adding a "HOWTO" run benchmarks section in ``benchmarking/README.md``. (+526)
 * The ``setup.cfg`` packaging configuration has been replaced by
   ``pyproject.toml``. (+527)
 * ``yaml`` is now supported as a jsonpickle backend. (+528)
 * `OSSFuzz <https://github.com/google/oss-fuzz>`_ scripts are now available in
   the ``fuzzing/`` directory. (+525)
 * Pure-python dtypes are now preserved across ``encode()``/``decode()`` roundtrips
   for the pandas extension. (407) (+534)
 * Pandas dataframe columns with an ``object`` dtype that contain multiple different
   types within (e.g. a column of type ``list[Union[str, int]]``) now preserve the types
   upon being roundtripped. (457) (358) (+534)
 * Fix warnings in the test suite regarding numpy.compat usage. (533) (+535)

3.3.0

======
 * The unpickler was updated to avoid using ``eval``, which helps improve its
   security. Users can still pass ``safe=False`` to ``decode`` to use the old
   behavior, though this is not recommended. (+513)
 * Objects can now exclude specific attributes from pickling by providing a
   ``_jsonpickle_exclude`` class or instance attribute. This attribute should contain
   the list of attribute names to exclude when pickling the object.

3.2.2

======
 * A bug with the incorrect (de)serialization of NoneType objects has been fixed.
   (+507)
 * ``tests/benchmark.py`` was updated to avoid Python 2 syntax. (+508)
 * The unpickler was updated to avoid creating temporary functions. (+508)
 * Some basic scripts have been made to analyze benchmark results. (+511)
 * Fix test suite compatibility with Numpy 2.x (+512)
 * `setup.cfg` was updated to use `license_files` instead of `license_file`.

3.2.1

======
 * The ``ignorereserved`` parameter to the private ``_restore_from_dict()``
   function has been restored for backwards compatibility. (+501)

3.2.0

======
 * Nested dictionaries in `py/state` are now correctly restored when
   tracking object references. (+501) (500)

3.1.0

======
 * `jsonpickle.ext.numpy.register_handlers` now provides options that are forwarded
   to the `NumpyNDArrayHandler` constructor. (+489)
 * Fix bug of not handling ``classes`` argument to `jsonpickle.decode`
   being a dict. Previously, the keys were ignored and only values were
   used. (+494)
 * Allow the ``classes`` argument to `jsonpickle.pickle` to have class
   objects as keys. This extends the current functionality of only having
   class name strings as keys. (+494)
 * The ``garden setup/dev`` action and ``requirements-dev.txt`` requirements file
   now include test dependencies for use during development.
 * Added support for Python 3.13. (+505) (504)

3.0.4

======
 * Fixed an issue with django.SafeString and other classes inheriting from
   str having read-only attribute errors (478) (+481)
 * The test suite was made compatible with `pytest-ruff>=0.3.0`. (+482)
 * A `garden.yaml` file was added for use with the
   `garden <https://crates.io/crates/garden-tools>_` command runner. (+486)
 * The test suite was updated to avoid deprecated SQLALchemy APIs.
 * The `jaraco.packaging.sphinx` documentation dependency was removed.

3.0.3

======
 * Compatibilty with Pandas and Cython 3.0 was added. (460) (+477)
 * Fixed a bug where pickling some built-in classes (e.g. zoneinfo) 
   could return a ``None`` module. (447)
 * Fixed a bug where unpickling a missing class would return a different object
   instead of ``None``. (+471)
 * Fixed the handling of missing classes when setting ``on_missing`` to ``warn``
   or ``error``. (+471)
 * The test suite was made compatible with Python 3.12.
 * The tox configuration was updated to generate code coverage reports.
 * The suite now uses ``ruff`` to validate python code.
 * The documentation can now be built offline when ``rst.linker`` and
   ``jaraco.packaging.sphinx`` are not available.

3.0.2

======
 * Properly raise warning if a custom pickling handler returns None. (433)
 * Fix issue with serialization of certain sklearn objects breaking when
   the numpy handler was enabled. (431) (+434)
 * Allow custom backends to not implement _encoder_options (436) (+446)
 * Implement compatibility with pandas 2 (+446)
 * Fix encoding/decoding of dictionary subclasses with referencing (+455)
 * Fix depth tracking for list/dict referencing (+456)

3.0.1

======
 * Remove accidental pin of setuptools to versions below 59. This allows
   jsonpickle to build with CPython 3.11 and 3.12 alphas. (424)
 * Remove accidental dependency on pytz in pandas tests. (+421)
 * Fix issue with decoding bson.bson.Int64 objects (422)

3.0.0

======
 * Drop support for CPython<3.7. CPython 3.6 and below have reached EOL
   and no longer receive security updates. (375)
 * Add support for CPython 3.11. (395) (+396)
 * Remove jsonlib and yajl backends (py2 only)
 * Add ``include_properties`` option to the pickler. This should only
   be used if analyzing generated json outside of Python. (297) (+387)
 * Allow the ``classes`` argument to ``jsonpickle.decode`` to be a dict
   of class name to class object. This lets you decode arbitrary dumps
   into different classes. (148) (+392)
 * Fix bug with deserializing `numpy.poly1d`. (391)
 * Allow frozen dataclasses to be deserialized. (240)
 * Fixed a bug where pickling a function could return a ``None`` module. (399)
 * Removed old bytes/quopri and ref decoding abaility from the unpickler.
   These were last used in jsonpickle<1. Removing them causes a slight speedup
   in unpickling lists (~5%). (+403)
 * Fixed a bug with namedtuples encoding on CPython 3.11. (411)
 * When using the ``sort_keys`` option for the ``simplejson`` backend,
   jsonpickle now produces correct object references with py/id tags. (408)
 * Speed up the internal method ``_restore_tags`` by ~10%. This should speed
   up unpickling of almost every object.

2.2.0

======

 * Classes with a custom ``__getitem__()`` and ``append()``
   now pickle properly. (362) (+379)
 * Remove the demjson backend, as demjson hasn't been maintained
   for 5 years. (+379)
 * Added new handler for numpy objects when using unpickleable=False.
   (381) (+382)
 * Added exception handling for class attributes that can't be accessed.
   (301) (+383)
 * Added a long-requested on_missing attribute to the Unpickler class.
   This lets you choose behavior for when jsonpickle can't find a class
   to deserialize to. (190) (193) (+384)
 * Private members of ``__slots__`` are no longer skipped when encoding.
   Any objects encoded with versions prior to 2.2.0 should still decode
   properly. (318) (+385)

Links

• PyPI: https://pypi.org/project/jsonpickle
• Changelog: https://data.safetycli.com/changelogs/jsonpickle/