Update dependency Babel to v2.9.1

[mend-for-github-com]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
Babel (source)	==2.2.0 -> ==2.9.1

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity	CVSS Score	CVE	Reachability
High	7.8	CVE-2021-42771

---

Release Notes

python-babel/babel (Babel)

v2.9.1

Compare Source

Bugfixes

* The internal locale-data loading functions now validate the name of the locale file to be loaded and only
  allow files within Babel's data directory.  Thank you to Chris Lyne of Tenable, Inc. for discovering the issue!

v2.9.0

Compare Source

Upcoming version support changes

* This version, Babel 2.9, is the last version of Babel to support Python 2.7, Python 3.4, and Python 3.5.

Improvements
~~~~~~~~~~~~

* CLDR: Use CLDR 37 – Aarni Koskela (:gh:`734`)
* Dates: Handle ZoneInfo objects in get_timezone_location, get_timezone_name - Alessio Bogon (:gh:`741`)
* Numbers: Add group_separator feature in number formatting - Abdullah Javed Nesar (:gh:`726`)

Bugfixes
~~~~~~~~

* Dates: Correct default Format().timedelta format to 'long' to mute deprecation warnings – Aarni Koskela
* Import: Simplify iteration code in "import_cldr.py" – Felix Schwarz
* Import: Stop using deprecated ElementTree methods "getchildren()" and "getiterator()" – Felix Schwarz
* Messages: Fix unicode printing error on Python 2 without TTY. – Niklas Hambüchen
* Messages: Introduce invariant that _invalid_pofile() takes unicode line. – Niklas Hambüchen
* Tests: fix tests when using Python 3.9 – Felix Schwarz
* Tests: Remove deprecated 'sudo: false' from Travis configuration – Jon Dufresne
* Tests: Support Py.test 6.x – Aarni Koskela
* Utilities: LazyProxy: Handle AttributeError in specified func – Nikiforov Konstantin (:gh:`724`)
* Utilities: Replace usage of parser.suite with ast.parse – Miro Hrončok

Documentation
~~~~~~~~~~~~~

* Update parse_number comments – Brad Martin (:gh:`708`)
* Add __iter__ to Catalog documentation – @​CyanNani123

v2.8.1

Compare Source

This is solely a patch release to make running tests on Py.test 6+ possible.

Bugfixes

* Support Py.test 6 - Aarni Koskela (:gh:`747`, :gh:`750`, :gh:`752`)

v2.8.0

Compare Source

Improvements

* CLDR: Upgrade to CLDR 36.0 - Aarni Koskela (:gh:`679`)
* Messages: Don't even open files with the "ignore" extraction method - @​sebleblanc (:gh:`678`)

Bugfixes
~~~~~~~~

* Numbers: Fix formatting very small decimals when quantization is disabled - Lev Lybin, @​miluChen (:gh:`662`)
* Messages: Attempt to sort all messages – Mario Frasca (:gh:`651`, :gh:`606`)

Docs
~~~~

* Add years to changelog - Romuald Brunet
* Note that installation requires pytz - Steve (Gadget) Barnes

v2.7.0

Compare Source

Possibly incompatible changes

These may be backward incompatible in some cases, as some more-or-less internal
APIs have changed. Please feel free to file issues if you bump into anything
strange and we'll try to help!

* General: Internal uses of ``babel.util.odict`` have been replaced with
  ``collections.OrderedDict`` from The Python standard library.

Improvements
~~~~~~~~~~~~

* CLDR: Upgrade to CLDR 35.1 - Alberto Mardegan, Aarni Koskela (:gh:`626`, :gh:`643`)
* General: allow anchoring path patterns to the start of a string - Brian Cappello (:gh:`600`)
* General: Bumped version requirement on pytz - @​chrisbrake (:gh:`592`)
* Messages: `pybabel compile`: exit with code 1 if errors were encountered - Aarni Koskela (:gh:`647`)
* Messages: Add omit-header to update_catalog - Cédric Krier (:gh:`633`)
* Messages: Catalog update: keep user comments from destination by default - Aarni Koskela (:gh:`648`)
* Messages: Skip empty message when writing mo file - Cédric Krier (:gh:`564`)
* Messages: Small fixes to avoid crashes on badly formatted .po files - Bryn Truscott (:gh:`597`)
* Numbers: `parse_decimal()` `strict` argument and `suggestions` - Charly C (:gh:`590`)
* Numbers: don't repeat suggestions in parse_decimal strict - Serban Constantin (:gh:`599`)
* Numbers: implement currency formatting with long display names - Luke Plant (:gh:`585`)
* Numbers: parse_decimal(): assume spaces are equivalent to non-breaking spaces when not in strict mode - Aarni Koskela (:gh:`649`)
* Performance: Cache locale_identifiers() - Aarni Koskela (:gh:`644`)

Bugfixes
~~~~~~~~

* CLDR: Skip alt=... for week data (minDays, firstDay, weekendStart, weekendEnd) - Aarni Koskela (:gh:`634`)
* Dates: Fix wrong weeknumber for 31.12.2018 - BT-sschmid (:gh:`621`)
* Locale: Avoid KeyError trying to get data on WindowsXP - mondeja (:gh:`604`)
* Locale: get_display_name(): Don't attempt to concatenate variant information to None - Aarni Koskela (:gh:`645`)
* Messages: pofile: Add comparison operators to _NormalizedString - Aarni Koskela (:gh:`646`)
* Messages: pofile: don't crash when message.locations can't be sorted - Aarni Koskela (:gh:`646`)

Tooling & docs
~~~~~~~~~~~~~~

* Docs: Remove all references to deprecated easy_install - Jon Dufresne (:gh:`610`)
* Docs: Switch print statement in docs to print function - NotAFile
* Docs: Update all pypi.python.org URLs to pypi.org - Jon Dufresne (:gh:`587`)
* Docs: Use https URLs throughout project where available - Jon Dufresne (:gh:`588`)
* Support: Add testing and document support for Python 3.7 - Jon Dufresne (:gh:`611`)
* Support: Test on Python 3.8-dev - Aarni Koskela (:gh:`642`)
* Support: Using ABCs from collections instead of collections.abc is deprecated. - Julien Palard (:gh:`609`)
* Tests: Fix conftest.py compatibility with pytest 4.3 - Miro Hrončok (:gh:`635`)
* Tests: Update pytest and pytest-cov - Miro Hrončok (:gh:`635`)

v2.6.0

Compare Source

Possibly incompatible changes

These may be backward incompatible in some cases, as some more-or-less internal APIs have changed.
Please feel free to file issues if you bump into anything strange and we'll try to help!

* Numbers: Refactor decimal handling code and allow bypass of decimal quantization. (@​kdeldycke) (PR :gh:`538`)
* Messages: allow processing files that are in locales unknown to Babel (@​akx) (PR :gh:`557`)
* General: Drop support for EOL Python 2.6 and 3.3 (@​hugovk) (PR :gh:`546`)

Other changes
~~~~~~~~~~~~~

* CLDR: Use CLDR 33 (@​akx) (PR :gh:`581`)
* Lists: Add support for various list styles other than the default (@​akx) (:gh:`552`)
* Messages: Add new PoFileError exception (@​Bedrock02) (PR :gh:`532`)
* Times: Simplify Linux distro specific explicit timezone setting search (@​scop) (PR :gh:`528`)

Bugfixes
~~~~~~~~

* CLDR: avoid importing alt=narrow currency symbols (@​akx) (PR :gh:`558`)
* CLDR: ignore non-Latin numbering systems (@​akx) (PR :gh:`579`)
* Docs: Fix improper example for date formatting (@​PTrottier) (PR :gh:`574`)
* Tooling: Fix some deprecation warnings (@​akx) (PR :gh:`580`)

Tooling & docs
~~~~~~~~~~~~~~

* Add explicit signatures to some date autofunctions (@​xmo-odoo) (PR :gh:`554`)
* Include license file in the generated wheel package (@​jdufresne) (PR :gh:`539`)
* Python 3.6 invalid escape sequence deprecation fixes (@​scop) (PR :gh:`528`)
* Test and document all supported Python versions (@​jdufresne) (PR :gh:`540`)
* Update copyright header years and authors file (@​akx) (PR :gh:`559`)

v2.5.3

Compare Source

This is a maintenance release that reverts undesired API-breaking changes that slipped into 2.5.2
(see :gh:550).

It is based on v2.5.1 (f29eccd) with commits 7cedb84, 29da2d2 and edfb518 cherry-picked on top.

v2.5.2

Compare Source

Bugfixes

* Revert the unnecessary PyInstaller fixes from 2.5.0 and 2.5.1 (:gh:`533`) (@​yagebu)

v2.5.1

Compare Source

Minor Improvements and bugfixes

* Use a fixed datetime to avoid test failures (:gh:`520`) (@​narendravardi)
* Parse multi-line __future__ imports better (:gh:`519`) (@​akx)
* Fix validate_currency docstring (:gh:`522`)
* Allow normalize_locale and exists to handle various unexpected inputs (:gh:`523`) (@​suhojm)
* Make PyInstaller support more robust (:gh:`525`, :gh:`526`) (@​thijstriemstra, @​akx)

v2.5.0

Compare Source

New Features

* Numbers: Add currency utilities and helpers (:gh:`491`) (@​kdeldycke)
* Support PyInstaller (:gh:`500`, :gh:`505`) (@​wodo)

Minor Improvements and bugfixes

• Dates: Add str to DateTimePattern (:gh:515) (@​sfermigier)
• Dates: Fix an invalid string to bytes comparison when parsing TZ files on Py3 (:gh:498) (@​rowillia)
• Dates: Formatting zero-padded components of dates is faster (:gh:517) (@​akx)
• Documentation: Fix "Good Commits" link in CONTRIBUTING.md (:gh:511) (@​naryanacharya6)
• Documentation: Fix link to Python gettext module (:gh:512) (@​Linkid)
• Messages: Allow both dash and underscore separated locale identifiers in pofiles (:gh:489, :gh:490) (@​akx)
• Messages: Extract Python messages in nested gettext calls (:gh:488) (@​sublee)
• Messages: Fix in-place editing of dir list while iterating (:gh:476, :gh:492) (@​MarcDufresne)
• Messages: Stabilize sort order (:gh:482) (@​xavfernandez)
• Time zones: Honor the no-inherit marker for metazone names (:gh:405) (@​akx)

v2.4.0

Compare Source

New Features

Some of these changes might break your current code and/or tests.

* CLDR: CLDR 29 is now used instead of CLDR 28 (:gh:`405`) (@​akx)
* Messages: Add option 'add_location' for location line formatting (:gh:`438`, :gh:`459`) (@​rrader, @​alxpy)
* Numbers: Allow full control of decimal behavior (:gh:`410`) (@​etanol)

Minor Improvements and bugfixes

• Documentation: Improve Date Fields descriptions (:gh:450) (@​ldwoolley)
• Documentation: Typo fixes and documentation improvements (:gh:406, :gh:412, :gh:403, :gh:440, :gh:449, :gh:463) (@​zyegfryed, @​adamchainz, @​jwilk, @​akx, @​roramirez, @​abhishekcs10)
• Messages: Default to UTF-8 source encoding instead of ISO-8859-1 (:gh:399) (@​asottile)
• Messages: Ensure messages are extracted in the order they were passed in (:gh:424) (@​ngrilly)
• Messages: Message extraction for JSX files is improved (:gh:392, :gh:396, :gh:425) (@​karloskar, @​georgschoelly)
• Messages: PO file reading supports multi-line obsolete units (:gh:429) (@​mbirtwell)
• Messages: Python message extractor respects unicode_literals in future (:gh:427) (@​sublee)
• Messages: Roundtrip Language headers (:gh:420) (@​kruton)
• Messages: units before obsolete units are no longer erroneously marked obsolete (:gh:452) (@​mbirtwell)
• Numbers: parse_pattern now preserves the full original pattern (:gh:414) (@​jtwang)
• Numbers: Fix float conversion in extract_operands (:gh:435) (@​akx)
• Plurals: Fix plural forms for Czech and Slovak locales (:gh:373) (@​ykshatroff)
• Plurals: More plural form fixes based on Mozilla and CLDR references (:gh:431) (@​mshenfield)

Internal improvements

* Local times are constructed correctly in tests (:gh:`411`) (@​etanol)
* Miscellaneous small improvements (:gh:`437`) (@​scop)
* Regex flags are extracted from the regex strings (:gh:`462`) (@​singingwolfboy)
* The PO file reader is now a class and has seen some refactoring (:gh:`429`, :gh:`452`) (@​mbirtwell)

v2.3.4

(Bugfix release, released on April 22th 2016)

Bugfixes

* CLDR: The lxml library is no longer used for CLDR importing, so it should not cause strange failures either. Thanks to @​aronbierbaum for the bug report and @​jtwang for the fix. (:gh:`393`)
* CLI: Every last single CLI usage regression should now be gone, and both distutils and stand-alone CLIs should work as they have in the past. Thanks to @​paxswill and @​ajaeger for bug reports. (:gh:`389`)

v2.3.3

(Bugfix release, released on April 12th 2016)

Bugfixes

* CLI: Usage regressions that had snuck in between 2.2 and 2.3 should be no more. (:gh:`386`) Thanks to @​ajaeger, @​sebdiem and @​jcristovao for bug reports and patches.

v2.3.2

Compare Source

(Bugfix release, released on April 9th 2016)

Bugfixes

* Dates: Period (am/pm) formatting was broken in certain locales (namely zh_TW). Thanks to @​jun66j5 for the bug report. (:gh:`378`, :gh:`379`)

v2.3.1

(Bugfix release because of deployment problems, released on April 8th 2016)

---

• If you want to rebase/retry this PR, check this box