build(deps): update jsonpickle requirement from ~=3.3.0 to ~=4.0.0

[dependabot]

Updates the requirements on jsonpickle to permit the latest version.

Changelog

Sourced from jsonpickle's changelog.

v4.0.0

* **Breaking Change**: Python 3.7 is no longer supported.
* **Breaking Change**: Support for pre-0.7.0 ``repr``-serialized objects is no
  longer enabled by default. The ``safe`` option to ``decode()`` was changed from
  ``False`` to ``True``. Users can still pass ``safe=False`` to ``decode()`` in order
  to enable this feature for the purposes of loading older files, but beware that
  this feature relies on unsafe behavior through its use of ``eval()``. Users are
  encouraged to re-pickle old data in order to migrate away from the the unsafe loading
  feature. (+514)
* The pickler no longer produces ``py/repr`` tags when pickling modules.
  ``py/mod`` is used instead, as it is clearer and uses one less byte. (+514)
* The test suite no longer uses the deprecated ``datetime.datetime.utcnow()``
  function. (+539)

v3.4.2

* The breaking changes from v4 were inadvertedly included in v3.4.1, which has
  been yanked. This release remedies this by reverting the v4 changes.

v3.4.1

* Support decoding pandas dataframes encoded with versions 3.3.0 and older. (+536)

v3.4.0

* Officially support Python 3.12 in the GitHub Actions testing matrix, and update
  GHA package versions used. (+524)
* Improve reproducibility of benchmarking commands on Linux by using taskset and
  adding a "HOWTO" run benchmarks section in ``benchmarking/README.md``. (+526)
* The ``setup.cfg`` packaging configuration has been replaced by
  ``pyproject.toml``. (+527)
* ``yaml`` is now supported as a jsonpickle backend. (+528)
* `OSSFuzz <https://github.com/google/oss-fuzz>`_ scripts are now available in
  the ``fuzzing/`` directory. (+525)
* Pure-python dtypes are now preserved across ``encode()``/``decode()`` roundtrips
  for the pandas extension. ([#407](https://github.com/jsonpickle/jsonpickle/issues/407)) (+534)
* Pandas dataframe columns with an ``object`` dtype that contain multiple different
  types within (e.g. a column of type ``list[Union[str, int]]``) now preserve the types
  upon being roundtripped. ([#457](https://github.com/jsonpickle/jsonpickle/issues/457)) ([#358](https://github.com/jsonpickle/jsonpickle/issues/358)) (+534)
* Fix warnings in the test suite regarding numpy.compat usage. ([#533](https://github.com/jsonpickle/jsonpickle/issues/533)) (+535)

v3.3.0

* The unpickler was updated to avoid using ``eval``, which helps improve its
  security. Users can still pass ``safe=False`` to ``decode`` to use the old
  behavior, though this is not recommended. (+513)
* Objects can now exclude specific attributes from pickling by providing a
  ``_jsonpickle_exclude`` class or instance attribute. This attribute should contain
  the list of attribute names to exclude when pickling the object.

... (truncated)

Commits

• 0c693ba jsonpickle v4.0.0
• 7ebffbc ci: create a github release when tags are pushed (#540)
• d435e70 Merge pull request #538 from davvid/v4
• b08c6b5 jsonpickle v4.0.0
• aa4d161 Revert "API: remove breaking changes for v3.4.2"
• 5e0a6d4 Merge pull request #539 from davvid/datetime-utcnow-deprecation
• 744fb10 tests: datetime.datetime.utcnow() is deprecated
• bc6f408 Merge pull request #510 from kloczek/main
• 2d45364 tests: remove the issue281 decorator
• 6bb5f6f tests: use context managers when opening files
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

Superseded by #86.