chore(deps): bump importlib-metadata from 4.8.1 to 4.10.1

[dependabot[bot]]

Bumps importlib-metadata from 4.8.1 to 4.10.1.

Changelog

Sourced from importlib-metadata's changelog.

v4.10.1

v2.1.3

• #361: Avoid potential REDoS in EntryPoint.pattern.

v4.10.0

• #354: Removed Distribution._local factory. This functionality was created as a demonstration of the possible implementation. Now, the pep517 <https://pypi.org/project/pep517>_ package provides this functionality directly through pep517.meta.load <https://github.com/pypa/pep517/blob/a942316305395f8f757f210e2b16f738af73f8b8/pep517/meta.py#L63-L73>_.

v4.9.0

• Require Python 3.7 or later.

v4.8.3

• #357: Fixed requirement generation from egg-info when a URL requirement is given.

v4.8.2

v2.1.2

• #353: Fixed discovery of distributions when path is empty.

Commits

• 67cd67f Merge pull request #363 from python/bugfix/361-regexp-perf
• 5516095 Update changelog
• aa4f879 Refactor regular expression to avoid expensive backtracking on contrived entr...
• 4dbecdb Add test capturing undesirable performance. Ref #361.
• 9491ef9 Merge pull request #354 from FFY00/remove-distribution-local
• 1f6fe1e Merge branch 'main' into remove-distribution-local
• 4a2f7d5 Update changelog.
• e59f3b6 Remove pep517 dependency and LocalPackage fixture, no longer used.
• 5ad9047 Merge https://github.com/jaraco/skeleton
• eca1c4c Remove filtered warnings, addressed upstream.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.