Update pyo3 requirement from 0.23 to 0.24 in the cargo group

[dependabot]

Updates the requirements on pyo3 to permit the latest version.
Updates pyo3 to 0.23.5

Release notes

Sourced from pyo3's releases.

PyO3 0.23.5

This release is a final set of backports onto the PyO3 0.23 series:

• PyPy 3.11 support
• Fixes to #[pyclass(freelist)] on free-threaded Python 3.13
• Fix to Python::run for a case when __builtins__ is not loaded correctly on Python 3.10+

Thank you to the following contributors for the improvements:

@​arielb1 @​Icxolu @​LilyFoote @​mattip @​mgorny @​ngoldbaum

Changelog

Sourced from pyo3's changelog.

[0.23.5] - 2025-02-22

Packaging

• Add support for PyPy3.11 #4760

Fixed

• Fix thread-unsafe implementation of freelist pyclasses on the free-threaded build. #4902
• Re-enable a workaround for situations where CPython incorrectly does not add __builtins__ to __globals__ in code executed by Python::py_run (was removed in PyO3 0.23.0). #4921

[0.23.4] - 2025-01-10

Added

• Add PyList::locked_for_each, which uses a critical section to lock the list on the free-threaded build. #4789
• Add pyo3_build_config::add_python_framework_link_args build script API to set rpath when using macOS system Python. #4833

Changed

• Use datetime.fold to distinguish ambiguous datetimes when converting to and from chrono::DateTime<Tz> (rather than erroring). #4791
• Optimize PyList iteration on the free-threaded build. #4789

Fixed

• Fix unnecessary internal py.allow_threads GIL-switch when attempting to access contents of a PyErr which originated from Python (could lead to unintended deadlocks). #4766
• Fix thread-unsafe access of dict internals in BoundDictIterator on the free-threaded build. #4788

• Fix unnecessary critical sections in BoundDictIterator on the free-threaded build. #4788

• Fix time-of-check to time-of-use issues with list iteration on the free-threaded build. #4789
• Fix chrono::DateTime<Tz> to-Python conversion when Tz is chrono_tz::Tz. #4790
• Fix #[pyclass] not being able to be named Probe. #4794
• Fix not treating cross-compilation from x64 to aarch64 on Windows as a cross-compile. #4800
• Fix missing struct fields on GraalPy when subclassing builtin classes. #4802
• Fix generating import lib for PyPy when abi3 feature is enabled. #4806
• Fix generating import lib for python3.13t when abi3 feature is enabled. #4808
• Fix compile failure for raw identifiers like r#box in derive(FromPyObject). #4814
• Fix compile failure for #[pyclass] enum variants with more than 12 fields. #4832

[0.23.3] - 2024-12-03

Packaging

• Bump optional python3-dll-a dependency to 0.2.11. #4749

Fixed

• Fix unresolved symbol link failures on Windows when compiling for Python 3.13t with abi3 features enabled. #4733
• Fix unresolved symbol link failures on Windows when compiling for Python 3.13t using the generate-import-lib feature. #4749
• Fix compile-time regression in PyO3 0.23.0 where changing PYO3_CONFIG_FILE would not reconfigure PyO3 for the new interpreter. #4758

... (truncated)

Commits

• e34ad5f release: 0.23.5 (#4929)
• 7599bda Use a critical section to serialize adding builtins to globals (#4921)
• 0ab9dc6 bump benchmarks ci base image (#4912)
• ea4142b avoid FailedHealthCheck in test_double (#4879)
• e1630fb fix multithreaded access to freelist pyclasses (#4902)
• 108abb4 Fix manual_ok_err clippy lint on nightly (#4886)
• ce2d6e9 Add PyPy3.11 (#4760)
• f2a8460 release: 0.23.4
• 0c10e34 ci: updates for Rust 1.84 (#4846)
• 9ee55a3 Implement locked iteration for PyList (#4789)
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml