[Licenses Inventory] Bump requests from 2.28.1 to 2.31.0 (#124)

* chore(deps): Bump requests in /toolbox/LicensesInventory

Bumps [requests](https://github.com/psf/requests) from 2.28.1 to 2.31.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md)
- [Commits](psf/requests@v2.28.1...v2.31.0)

---
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

* chore: update CHANGELOG and THIRD-PARTY with requests new version

Signed-off-by: Pierre-Yves Lapersonne <pierreyves.lapersonne@orange.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Pierre-Yves Lapersonne <pierreyves.lapersonne@orange.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Pierre-Yves Lapersonne <pierreyves.lapersonne@orange.com>

Author: dependabot[bot]

CHANGELOG.md

@@ -7,13 +7,20 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## Unreleased
 
+### Added
+
+- [Utils] Add metrics and improve outputs for third-party generator scripts
+
 ### Changed
 
 - [Project] Plug Renovate, Gitleaks ([#112](https://github.com/Orange-OpenSource/floss-toolbox/issues/112))
 - [Licenses Inventory] Improve requirements for Python modules in use ([#108](https://github.com/Orange-OpenSource/floss-toolbox/issues/108))
 - [Project] Apply REUSE standards ([#114](https://github.com/Orange-OpenSource/floss-toolbox/issues/114))
-- [Utils] Add metrics and improve outputs for third-party generator scripts
-- [Project] Improve a bit CHANGELOG by leading-scope-keyword for each line
+- [Project] Improve a bit CHANGELOG by leading scope keyword for each line
+
+### Security
+
+- [Licenses Inventory] Bump requests from 2.28.1 to 2.31.0 ([#3](https://github.com/Orange-OpenSource/floss-toolbox/security/dependabot/3))
 
 ## [2.15.0] - 2024-03-12
 

README.md

@@ -52,6 +52,7 @@ bash dry-run.sh
 
 [Renovate](https://docs.renovatebot.com/) is used to as to try to keep updated dependencies of the project.
 A _renovate.json_ must be added at the project root with cofiguration details ; but **the organization admins must enable it** (through the [admin console](https://developer.mend.io/)).
+By default [Dependabot](https://docs.github.com/fr/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security#what-is-dependabot) was enabled for this project but has been replaced by _Renovate_.
 
 ### Gitleaks
 
@@ -65,7 +66,3 @@ This key (dedicated to organization) has been asked to the *Gitleaks* team and r
 
 The *Developer Certificate of Origin* is applied here thanks to a [Probot bot](https://probot.github.io/apps/dco/).
 On pull requests all commits must be signed off. This control is processed in an action.
-
-### Dependabot
-
-By default [Dependabot](https://docs.github.com/fr/code-security/supply-chain-security/understanding-your-software-supply-chain/about-supply-chain-security#what-is-dependabot) is enabled for this project.

THIRD-PARTY.md

@@ -58,7 +58,7 @@ You may download the source code on the [following website](https://github.com/p
 
 ### requests
 
-Version 2.28.1
+Version 2.31.0
 
 Copyright (c) 2019 Kenneth Reitz
 

toolbox/LicensesInventory/requirements.txt

@@ -1,4 +1,4 @@
 beautifulsoup4==4.10.0
 pytest==7.2.1
-requests==2.28.1
+requests==2.31.0
 xmltodict==0.13.0