⬆(deps): Bump bleach from 4.1.0 to 5.0.0

[dependabot[bot]]

Bumps bleach from 4.1.0 to 5.0.0.

Changelog

Sourced from bleach's changelog.

Version 5.0.0 (April 7th, 2022)

Backwards incompatible changes

• clean and linkify now preserve the order of HTML attributes. Thank you, @​askoretskly! (#566)

• Drop support for Python 3.6. Thank you, @​hugovk! (#629)

• CSS sanitization in style tags is completely different now. If you're using Bleach clean to sanitize css in style tags, you'll need to update your code and you'll need to install the css extras::

  pip install 'bleach[css]'
  

  See the documentation on sanitizing CSS for how to do it <https://bleach.readthedocs.io/en/latest/clean.html#sanitizing-css>_. (#633)

Bug fixes

• Rework dev dependencies. We no longer have requirements-dev.in/requirements-dev.txt. Instead, we're using dev extras.

  See development docs <https://bleach.readthedocs.io/en/latest/dev.html>_ for more details. (#620)

• Add newline when dropping block-level tags. Thank you, @​jvanasco! (#369)

Commits

• 3ad3dfb Merge pull request #653 from willkg/release_5_0_0
• c2aa152 Make it clearer security bugs go through a different channel
• b4b2eaa Add css extra to installing dev requirements
• 2955ae6 Fix manifest
• fd98611 Add link to sanitizing CSS docs; fix css docs
• 8fe97db Prep for 5.0.0 release
• 5d22f98 Merge pull request #652 from willkg/fix-docs
• 95789c5 Fix building docs on readthedocs
• a14d412 Merge pull request #651 from willkg/369-whitespace
• 8a6f2bb Fix apostrophe
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov[bot]]

Codecov Report

Merging #438 (099c99e) into dev (248108b) will increase coverage by 0.00%. The diff coverage is 100.00%.

@@           Coverage Diff           @@
##              dev     #438   +/-   ##
=======================================
  Coverage   88.54%   88.54%           
=======================================
  Files         134      134           
  Lines        5272     5273    +1     
=======================================
+ Hits         4668     4669    +1     
  Misses        604      604           

Impacted Files	Coverage Δ
web/multilingual/formfields.py	94.33% <100.00%> (+0.10%)	:arrow_up:

---

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 248108b...099c99e. Read the comment docs.