chore(deps): update wrapt requirement from <2 to <3

[dependabot]

Updates the requirements on wrapt to permit the latest version.

Release notes

Sourced from wrapt's releases.

wrapt 2.2.1

Full release notes: https://wrapt.readthedocs.io/en/latest/changes.html#version-2-2-1

Install from PyPi (recommended):

pip install wrapt==2.2.1

PyPi uploads follow each GitHub release; if pip reports the version is unavailable, the matching PyPi upload may not have happened yet.

Pre-built wheels are provided for a range of Python versions and platforms (Linux x86_64/aarch64/riscv64, macOS x86_64 and arm64, Windows x86_64 and arm64, plus PyPy and free-threaded builds). The source distribution is also attached together with SHA256SUMS for verification.

Changelog

Sourced from wrapt's changelog.

Version 2.2.1

Bugs Fixed

• Reverted the change in 2.2.0 which had aligned the C implementation of FunctionWrapper.__get__ with the pure Python implementation by substituting Py_None for NULL before invoking the wrapped descriptor's __get__ slot. The change was based on a misreading of what the pure Python path does once it crosses back into C. The pure Python path calls self.__wrapped__.__get__(None, owner) from Python, and for any built-in descriptor that call is dispatched through the __get__ slot wrapper inside CPython, which converts Py_None back to NULL before the wrapped descriptor's tp_descr_get is invoked. The pre 2.2.0 C path called tp_descr_get directly with obj as received, which is NULL on class access, so it was already producing the same value the Python path produces after the slot wrapper's Py_None to NULL conversion. Substituting Py_None for NULL before tp_descr_get was called caused the wrapped descriptor to see a value it would never see during ordinary class attribute lookup. Native CPython descriptors other than func_descr_get fast path on obj == NULL and return the descriptor unchanged. With Py_None substituted in they fall through to a type check against the owner type of the descriptor, and NoneType does not satisfy that check, so a TypeError is raised. This broke class attribute access for any built-in or C extension descriptor (method_descriptor, wrapper_descriptor, getset_descriptor, member_descriptor) wrapped by @wrapt.decorator or @wrapt.function_wrapper. The failure mode is most likely to show up in instrumentation libraries that monkey patch built-in methods onto classes and where some inspection or binding step then accesses the wrapped attribute through the class. The existing test suite did not catch the regression because all wrappers in the test suite are applied to pure Python functions, whose func_descr_get slot treats NULL and Py_None equivalently. A new regression test has been added which wraps a method_descriptor and exercises class attribute access, so the missing coverage of non-function descriptors is now in place. With thanks to brettlangdon <https://github.com/brettlangdon>_ for reporting the regression and identifying the underlying cause.

Version 2.2.0

A special thanks to devdanzin <https://github.com/devdanzin>_ for providing an extremely useful analysis of issues in the wrapt C extension. Their analysis led to the majority of the fixes and updates in this release and their help is much appreciated.

New Features

... (truncated)

Commits

• 787db02 Merge branch 'release/2.2.1'
• da8f21f Update to 2.2.1 for final release.
• d89dce9 Skip CPython specific descriptor tests on PyPy.
• 86f4e0e Go with 2.2.1rc1 instead of 2.2.1.dev1.
• 94bd940 Run descriptor get tests against both implementations.
• 00541d5 Merge branch 'develop' of github.com:GrahamDumpleton/wrapt into develop
• daddcfe Merge pull request #341 from brettlangdon/brettlangdon/descriptor.tests
• 0583a12 Revert Py_None substitution in C FunctionWrapper.get.
• f8d4a2e Add test coverage for native descriptors
• 0dbbba1 Update to 2.2.1.dev1 to test fixes.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)