Bump ujson from 4.0.2 to 5.7.0

[dependabot[bot]]

Bumps ujson from 4.0.2 to 5.7.0.

Release notes

Sourced from ujson's releases.

5.7.0

Added

• Support ujson.loads(bytearray(...)) and other bytes-like objects. (#573) @​bwoodsend

5.6.0

Added

• Update vendored double-conversion to 3.2.1 (#570) @​joemarshall

Fixed

• Fix len integer overflow issue (#567) @​marioga

5.5.0

Added

• Add support for Python 3.11 and PyPy3.9 (#564) @​hugovk
• Add separators encoding parameter (#557) @​JustAnotherArchivist

Fixed

• Fix encoding of infinity (#80). (#562) @​bwoodsend

5.4.0

Added

• Add support for arbitrary size integers (#548) @​JustAnotherArchivist

Fixed

• CVE-2022-31116:
  • Replace wchar_t string decoding implementation with a uint32_t-based one (#555) @​JustAnotherArchivist
  • Fix handling of surrogates on decoding (#550) @​JustAnotherArchivist
• CVE-2022-31117: Potential double free of buffer during string decoding @​JustAnotherArchivist
• Fix memory leak on encoding errors when the buffer was resized (#549) @​JustAnotherArchivist
• Integer parsing: always detect overflows (#544) @​NaN-git
• Fix handling of surrogates on encoding (#530) @​JustAnotherArchivist

5.3.0

Added

• Test Python 3.11 beta (#539) @​hugovk

Changed

• Benchmark refactor - argparse CLI (#533) @​Erotemic

Fixed

... (truncated)

Commits

• 7ae42dc Merge pull request #575 from ultrajson/pre-commit-ci-update-config
• 6811883 [pre-commit.ci] pre-commit autoupdate
• 1876c02 Limit loading from bytes-like to just bytes() and bytearray() on PyPy.
• 87dd117 Support ujson.loads(bytearray(...)) and other bytes-like objects.
• 1860724 Merge pull request #571 from ultrajson/all-repos_autofix_add-3.12-dev
• abb4951 Test Python 3.12-dev
• 2907fde Update vendored double-conversion to 3.2.1 (#570)
• 13da58c Merge pull request #569 from ultrajson/3.11-dev-to-3.11
• 7d5e8fc Replace 3.11-dev with 3.11
• 87c74e3 Merge pull request #568 from ultrajson/all-repos_autofix_all-repos-sed
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)