chore: dependencies security update#1438

Open
Aleksander-Karlsson wants to merge 4 commits intomainfrom
chore/docs-dependencies

Conversation

@Aleksander-Karlsson
Contributor

Type of Work

  • Patch: X.Y.Z+1. NEGLIGIBLE visible changes; does not change input or output, OR changes behaviour. Use chore:, refactor: etc.
  • Minor: X.Y+1.Z. Minor changes; might ADD new input (YAML) or other backwards-compatible changes. Use feat:, fix:
  • Major: X+1.Y.Z. Major and most likely BREAKING changes, without backwards compatibility, or removing temporary backwards-compatibility functionality. Use ! or BREAKING:.

See here (internal): https://github.com/equinor/ecalc-internal/discussions/1044

Have you remembered and considered?

  • IF FEAT: I have remembered to update documentation
  • IF FIX OR FEAT: I have remembered to update manual changelog (docs/drafts/next.draft.md)
  • IF BREAKING: I have remembered to update migration guide (docs/docs/migration_guides/)
  • IF BREAKING: I have committed with BREAKING: in footer or ! in header
  • I have added tests (if not, comment why)
  • I have used conventional commits syntax (if you squash, make sure that conventional commit is used)
  • I have included the Github issue nr in the footer!

What is this PR all about?

Updated version specifier for orjson in pyproject.toml to non-vulnerable version.
Update version for undici dependency in docs.

What else did you consider?

Between the lines?

@Aleksander-Karlsson Aleksander-Karlsson requested review from a team as code owners March 16, 2026 09:25
Comment thread pyproject.toml
"Shapely==2.*",
"networkx~=3.2",
"orjson~=3.8",
"orjson>=3.11.6",
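Review bot: replacing `"orjson~=3.8"` with `"orjson>=3.11.6"` removes the upper bound the old line carried: `~=3.8` is shorthand for `>=3.8, ==3.*`, so it did admit every 3.x release below the patched 3.11.6 (the reason for this change), but the new line now also admits a future orjson 4.x with whatever breaking changes that brings. Suggest keeping the compatible-release ceiling explicit, e.g. `"orjson>=3.11.6,<4"`, which raises the floor to the patched release without widening the range. The description only says "non-vulnerable version"; naming the advisory that motivated the floor in the PR text or the commit footer (the checklist already asks for the issue number there) would let a later reader verify why 3.11.6 is the boundary.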
Contributor


Needed, or just to be explicit?

Contributor Author


Needed to ensure we do not use orjson less than 3.11.6, as that is the patched version. The ~= is just the same as 3.* iirc, right? That could be correct, but it also includes vulnerable versions :)

Contributor


Good point. See that we need to document this somehow, how to think of deps and ranges :)
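The specifier semantics discussed in this thread, as an added example that is not part of the PR or the project's code: a small dependency-free evaluator for the PEP 440 clauses that appear in this pyproject.toml (`~=`, `>=`, `<`, `==X.*`), run over a constructed list of sample version numbers (illustrative only, not a list of real orjson releases). It shows that `orjson~=3.8` still admits every 3.x release below the patched 3.11.6, that a bare `>=3.11.6` excludes them but also drops the `<4` ceiling, and that `>=3.11.6,<4` keeps both properties.

```python
from itertools import zip_longest

def parse_version(s):
    """'3.11.6' -> (3, 11, 6). Release segments only (no pre/post/dev tags)."""
    return tuple(int(p) for p in s.split("."))

def compare(a, b):
    """Compare release tuples; the shorter one is padded with zeros, as PEP 440 requires."""
    for x, y in zip_longest(a, b, fillvalue=0):
        if x != y:
            return -1 if x < y else 1
    return 0

OPS = ("~=", ">=", "<=", "==", "!=", ">", "<")  # two-character operators first

def clause_allows(clause, version):
    """Evaluate one clause such as '~=3.8', '>=3.11.6', '<4' or '==2.*'."""
    clause = clause.strip()
    op = next((o for o in OPS if clause.startswith(o)), None)
    if op is None:
        raise ValueError(f"unsupported clause: {clause!r}")
    target, v = clause[len(op):].strip(), parse_version(version)
    if op == "~=":
        # ~=X.Y.Z means >=X.Y.Z together with ==X.Y.*: drop the last segment, bump the one before it
        t = parse_version(target)
        upper = t[:-2] + (t[-2] + 1,)
        return compare(v, t) >= 0 and compare(v, upper) < 0
    if target.endswith(".*"):  # prefix match, e.g. ==3.* or !=3.*
        prefix = parse_version(target[:-2])
        return (v[:len(prefix)] == prefix) == (op == "==")
    c = compare(v, parse_version(target))
    return {">=": c >= 0, ">": c > 0, "<=": c <= 0, "<": c < 0, "==": c == 0, "!=": c != 0}[op]

def allows(specifier, version):
    """A comma-separated specifier set admits a version only if every clause does."""
    return all(clause_allows(c, version) for c in specifier.split(",") if c.strip())

def strip_name(requirement):
    """'orjson>=3.11.6,<4' -> '>=3.11.6,<4' (the project name carries no version rule)."""
    i = 0
    while i < len(requirement) and (requirement[i].isalnum() or requirement[i] in "-_."):
        i += 1
    return requirement[i:]

# Constructed sample release numbers (illustrative, not a list of real orjson releases).
SAMPLE_VERSIONS = ["3.8.0", "3.9.15", "3.11.5", "3.11.6", "3.12.0", "4.0.0"]

def admitted(requirement, versions=SAMPLE_VERSIONS):
    """Return the sample versions that a requirement line from pyproject.toml admits."""
    return [v for v in versions if allows(strip_name(requirement), v)]
```

For a real audit use `packaging.specifiers.SpecifierSet`, which implements the full PEP 440 rules (pre-releases, local versions, arbitrary equality) that this toy evaluator leaves out.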
