Releases: uktrade/djangosaml2idp2
vulnerability patching for cryptography and pyopenssl
chore: Pysaml2 updates (off-ticket) (#47)

# Description

Move to using [uktrade forked pysaml2](https://github.com/uktrade/pysaml2) repository due to lack of maintenance to the original [IdentityPython/pysaml2](https://github.com/IdentityPython/pysaml2) repository. This allows fixing of high priority vulnerabilities to both pyopenssl and cryptography packages.

## Contributors

@adamwozencroft

## Type of change

- [x] Refactoring (made code better without changing its behaviour)
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)

## How this has been tested

Local pytests are all passing using the new packages.

## Checklist

- [x] I have performed a self-review of my code
- [ ] I have commented my code in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings

## Reviewer Checklist

- [ ] I have reviewed the PR and ensured no secret values are present

---------

Co-authored-by: Aadam Ali <57071686+aadam-ali@users.noreply.github.com>
fix GH actions workflow and minor package patching
Fix gh actions workflow (#43)

# Description

Work to fix failing GH actions workflow during the merge to main step. Workflow was failing as the pytest coverage PR comment did not have a PR to comment against. Added a conditional statement to only run that step on pull requests. Fixed some minor vulnerabilities, all pytests passing locally.

## Contributors

👀

## Type of change

- [x] Refactoring (made code better without changing its behaviour)
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)

## How this has been tested

Please describe the tests that you ran to verify your changes. If they are not automated tests please explain why and provide screenshots and/or instructions so they can be reproduced.

## Checklist

- [x] I have performed a self-review of my code
- [ ] I have commented my code in hard-to-understand areas
- [ ] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings

## Reviewer Checklist

- [x] I have reviewed the PR and ensured no secret values are present
internal repo changes to use Poetry and GitHub actions
Dependabot fixes (#39)

# Description

Need to update this repo in order to update Staff SSO. Moved to a single package management system (Poetry) rather than Poetry for local and requirements for tests/build. Updated the README with the new poetry commands and have done some vulnerability updates. Unfortunately still cannot update Cryptography due to the dependency on pysaml2 which is waiting on a fix.

## Contributors

👀

## Type of change

- [x] Refactoring (made code better without changing its behaviour)
- [ ] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)

## How this has been tested

All local pytests are passing.

## Checklist

- [x] I have performed a self-review of my code
- [ ] I have commented my code in hard-to-understand areas
- [x] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings

## Reviewer Checklist

- [x] I have reviewed the PR and ensured no secret values are present

---------

Co-authored-by: Aadam Ali <57071686+aadam-ali@users.noreply.github.com>
fix critical django vulnerability
Fixed critical django vulnerability by bumping version from 4.2.25 to 4.2.27.
Also bumped urllib3 from 2.4.0 to 2.6.0.
django vulnerability patching
Merge pull request #16 from uktrade/SR3897 SR3897 - Fix Django dependabot vulnerability
remove upper Django version restriction
Merge pull request #12 from uktrade/SR3847 SR3847 - Remove upper restriction on Django version
fixing xml internal entity expansion vulnerability
Merge pull request #11 from uktrade/SR3652_part_iii SR-3652 part iii - revenge of the log formatter
vulnerability patching and removal of pylama
Merge pull request #10 from uktrade/SR3652_part_ii SR3652 part ii - attack of the dependabots
vulnerability patching
Several high and medium vulnerabilities of dependent packages updated.
Version consistency patch
v0.9.1 Update version