chore(deps): update geoip2 requirement from ==4.* to ==5.*

[dependabot]

Updates the requirements on geoip2 to permit the latest version.

Release notes

Sourced from geoip2's releases.

5.2.0

• IMPORTANT: Python 3.10 or greater is required. If you are using an older version, please use an earlier release.
• maxminddb has been upgraded to 3.0.0. This includes free-threading support.
• Setuptools has been replaced with the uv build backend for building the package.
• A new anonymizer object has been added to geoip2.models.Insights. This object is a geoip2.records.Anonymizer and contains the following fields: confidence, network_last_seen, provider_name, is_anonymous, is_anonymous_vpn, is_hosting_provider, is_public_proxy, is_residential_proxy, and is_tor_exit_node. These provide information about VPN and proxy usage.
• A new ip_risk_snapshot property has been added to geoip2.records.Traits. This is a float ranging from 0.01 to 99 that represents the risk associated with the IP address. A higher score indicates a higher risk. This field is only available from the Insights end point.
• The following properties on geoip2.records.Traits have been deprecated: is_anonymous, is_anonymous_vpn, is_hosting_provider, is_public_proxy, is_residential_proxy, and is_tor_exit_node. Please use the anonymizer object in the Insights model instead.

Changelog

Sourced from geoip2's changelog.

5.2.0 (2025-11-20) ++++++++++++++++++

• IMPORTANT: Python 3.10 or greater is required. If you are using an older version, please use an earlier release.
• maxminddb has been upgraded to 3.0.0. This includes free-threading support.
• Setuptools has been replaced with the uv build backend for building the package.
• A new anonymizer object has been added to geoip2.models.Insights. This object is a geoip2.records.Anonymizer and contains the following fields: confidence, network_last_seen, provider_name, is_anonymous, is_anonymous_vpn, is_hosting_provider, is_public_proxy, is_residential_proxy, and is_tor_exit_node. These provide information about VPN and proxy usage.
• A new ip_risk_snapshot property has been added to geoip2.records.Traits. This is a float ranging from 0.01 to 99 that represents the risk associated with the IP address. A higher score indicates a higher risk. This field is only available from the Insights end point.
• The following properties on geoip2.records.Traits have been deprecated: is_anonymous, is_anonymous_vpn, is_hosting_provider, is_public_proxy, is_residential_proxy, and is_tor_exit_node. Please use the anonymizer object in the Insights model instead.

5.1.0 (2025-05-05) ++++++++++++++++++

• Support for the GeoIP Anonymous Plus database has been added. To do a lookup in this database, use the anonymous_plus method on Reader.
• Reorganized module documentation to improve language-server support.

5.0.1 (2025-01-28) ++++++++++++++++++

• Allow ip_address in the Traits record to be None again. The primary use case for this is from the minfraud package.

5.0.0 (2025-01-28) ++++++++++++++++++

• BREAKING: The raw attribute on the model classes has been replaced with a to_dict() method. This can be used to get a representation of the object that is suitable for serialization.
• BREAKING: The ip_address property on the model classes now always returns a ipaddress.IPv4Address or ipaddress.IPv6Address.
• BREAKING: The model and record classes now require all arguments other than locales and ip_address to be keyword arguments.
• BREAKING: geoip2.mixins has been made internal. This normally would not have been used by external code.
• IMPORTANT: Python 3.9 or greater is required. If you are using an older

... (truncated)

Commits

• d6cd6a0 Update for v5.2.0
• 0a8e9fd Run uv via tox
• 818b170 Add tox-uv as a dev dep
• 4a85021 Add check to ensure that we are not on main
• 734ee82 Update file path
• 8861e4a Set release date
• 025cbe3 Merge pull request #285 from maxmind/dependabot/uv/ruff-0.14.5
• 469afb0 Bump ruff from 0.14.4 to 0.14.5
• e57ba2f Merge pull request #284 from maxmind/dependabot/github_actions/astral-sh/setu...
• d834949 Merge pull request #281 from maxmind/greg/eng-3310-ip-risk-and-anonymous-plus...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)