Update xlrd requirement from ~=1.2 to ~=2.0 in /webapp

[dependabot-preview]

Updates the requirements on xlrd to permit the latest version.

Changelog

Sourced from xlrd's changelog.

2.0.1 (11 December 2020)

• Use the README as the long description on PyPI.

2.0.0 (11 December 2020)

• Remove support for anything other than .xls files.
• Remove support for psyco.
• Change the default encoding used when no CODEPAGE record can be found from ascii to iso-8859-1.
• Add support for iterating over ~xlrd.book.Book objects.
• Add support for item access from ~xlrd.book.Book objects, where integer indices and string sheet names are supported.
• Non-unicode spaces are now stripped from the "last author" information.
• Workbook corruption errors can now be ignored using the ignore_workbook_corruption option to ~xlrd.open_workbook.
• Handle WRITEACCESS records with invalid trailing characters.
• Officially support Python 3.8 and 3.9.

Thanks to the following for their contributions to this release:

• Jon Dufresne
• Tore Lundqvist
• nayyarv
• Michael Davis
• skonik

1.2.0 (15 December 2018)

• Added support for Python 3.7.
• Added optional support for defusedxml to help mitigate exploits.
• Automatically convert ~ in file paths to the current user's home directory.
• Removed examples directory from the installed package. They are still available in the source distribution.
• Fixed time.clock() deprecation warning.

1.1.0 (22 August 2017)

• Fix for parsing of merged cells containing a single cell reference in xlsx files.
• Fix for "invalid literal for int() with base 10: 'true'" when reading some xlsx files.
• Make xldate_as_datetime available to import direct from xlrd.
• Build universal wheels.
• Sphinx documentation.
• Document the problem with XML vulnerabilities in xlsx files and mitigation measures.
• Fix NameError on has_defaults is not defined.
• Some whitespace and code style tweaks.
• Make example in README compatible with both Python 2 and 3.
• Add default value for cells containing errors that causeed parsing of some xlsx files to fail.
• Add Python 3.6 to the list of supported Python versions, drop 3.3 and 2.6.
• Use generator expressions to avoid unnecessary lists in memory.

Commits

• b8d573e use the README for the long description
• c6d642b Prepare for 2.0.0 release
• e61d8ed missing import
• c9e47c6 Restructure index, readme and acknowledgments.
• 2c3e7ec Updated development instructions.
• 8232920 Better documentation for inspect_format.
• 07440b8 Without xlsx, we have no opportunity for xml vulnerabilities.
• be69403 Installation of python packages is standardised now.
• 8d91f61 check docs
• 56c0bd7 Give sensible exceptions when we know we can't open a file.
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
• @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
• @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
• @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
• @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language
• @dependabot badge me will comment on this PR with code to add a "Dependabot enabled" badge to your readme

Additionally, you can set the following in your Dependabot dashboard:

• Update frequency (including time of day and day of week)
• Pull request limits (per update run and/or open at any time)
• Out-of-range updates (receive only lockfile updates, if desired)
• Security updates (receive only security updates, if desired)