Python dependency: Update flask-security-too requirement from ==5.7.* to ==5.8.*

[dependabot]

Updates the requirements on flask-security-too to permit the latest version.

Changelog

Sourced from flask-security-too's changelog.

Version 5.8.0

Released April 15, 2026

Features & Improvements +++++++++++++++++++++++

• (:pr:1170) Add API :py:meth:.UserMixin.check_tf_required to allow applications to control which users require two-factor authentication.
• (:issue:1178) Add Cache-Control headers.
• (:issue:1165) Add support for using Social Login (OAuth) for verification.
• (:issue:1188) Add tracking of failed authentication attempts via :py:meth:.UserMixin.track_failed_authn and signal :py:data:user_failed_authn
• (:issue:1192) Add API for application to decide if a particular user account is locked.

Fixes +++++

• (:issue:1179) Fix verify_password for bcrypt 5.0 (mephi42)
• (:issue:1200) Fix username_recovery w.r.t. inactive and non-confirmed users
• (:issue:1189) Return additional fields for JSON responses with QR codes

Docs and Chores +++++++++++++++

• (:pr:1150) Update de_DE translations (swaeberle)
• (:pr:1151) Update ca_ES translations (arielvb)
• (:pr:1152) Update es_ES translations (arielvb)
• (:pr:1196) Update arabic translations (samialfattani)
• (:pr:1199) Update it_IT translations (gissimo)
• (:pr:1185) Change external facing terminology from 'Social OAuth' to 'Social Login'.

Version 5.7.1

Released November 23, 2025

Fixes +++++

• (:issue:1147) Regression when updating hash algorithm from bcrypt (willcroft)

Version 5.7.0

Released November 14, 2025

This release contains a set of small backward incompatible changes. Please read these notes carefully.

Features & Improvements +++++++++++++++++++++++

• (:pr:1132) Add Arabic translations (samialfattani)
• (:issue:1123) Enable forgot-password workflow for authenticated users.

... (truncated)

Commits

• 08288df Final commit for 5.8.0
• 7ee1e83 Change name from is_allowed_authn to is_locked. (#1204)
• b93b36d Bump the github-actions group with 2 updates (#1202)
• 96858d0 Change track_failed_authn to not take endpoint name. (#1203)
• 6f0dfb1 Ensure username recovery endpoint is consistent with others. (#1201)
• 2b9b12e Chore for 5.8 (#1198)
• 7818770 IT translations for 5.7.1 (#1199)
• 927bee8 Add a new API that controls whether a user is allowed to authenticate. (#1197)
• 83e61ff update arabic translations (#1196)
• fd2993e Bump codecov/codecov-action from 5 to 6 in the github-actions group (#1194)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)