build(deps): bump cbor2 from 5.7.1 to 5.8.0

[dependabot]

Bumps cbor2 from 5.7.1 to 5.8.0.

Release notes

Sourced from cbor2's releases.

5.8.0

• Added readahead buffering to C decoder for improved performance. The decoder now uses a 4 KB buffer by default to reduce the number of read calls. Benchmarks show 20-140% performance improvements for decoding operations. (#268; PR by @​andreer)
• Fixed Python decoder not preserving share index when decoding array items containing nested shareable tags, causing shared references to resolve to wrong objects (#267; PR by @​andreer)
• Reset shared reference state at the start of each top-level encode/decode operation (#266; PR by @​andreer)

Commits

• c77cea8 Removed macos-13 from the OS matrix
• 2320d95 Bumped up the version
• 9ff48e3 Updated pre-commit modules
• 22acea4 Updated the version history entry for #268
• c368bb3 Fixed the links and the semver declaration
• fb4ee16 Added a read-ahead buffer to the C decoder (#268)
• 0bcf400 Bump the github-actions group with 5 updates (#269)
• 7aa6cad Added dependabot config for GitHub actions
• 6409f6a Added a security policy
• 403c2ce Fixed nested shareable in arrays (python decoder only) (#267)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 97.34%. Comparing base (ae12b5b) to head (22da18b).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #653   +/-   ##
=======================================
  Coverage   97.34%   97.34%           
=======================================
  Files          32       32           
  Lines        3357     3357           
=======================================
  Hits         3268     3268           
  Misses         89       89           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.