[hotfix] Add the version constraint on LightGBM

[c-bata]

Motivation

Refs #204 and optuna/optuna-examples#302

Description of the changes

LightGBM 4.6.0 was released two days ago, causing the workflow to fail. This PR adds a version constraint on LightGBM as a hotfix.

[c-bata]

@HideakiImamura Could you review this PR? Please note that CI wasn't triggered for this PR. I can push a small patch just to trigger CI, as shown below. Let me know if you'd like me to push it to reduce the effort for the PR review.

$ git diff --cached
diff --git a/optuna_integration/lightgbm/__init__.py b/optuna_integration/lightgbm/__init__.py
index 2062909..4e3d5df 100644
--- a/optuna_integration/lightgbm/__init__.py
+++ b/optuna_integration/lightgbm/__init__.py
@@ -10,7 +10,7 @@ from .lightgbm import LightGBMPruningCallback
 with try_import() as _imports:
     import lightgbm as lgb

-# Attach lightgbm API.
+# Attach LightGBM API.
 if _imports.is_successful():
     # To pass tests/lightgbm_tuner_tests/test_optimize.py.
     from lightgbm import Dataset

[ffineis]

Thanks for pinning this. Apparently there's a high-risk security alert raised by my org's dependabot for lightgbm
versions [1.0.0, 4.6.0). So I'd love to be able to use lgbm 4.6.0 with optuna.

"LightGBM Remote Code Execution Vulnerability".

I think the main issue preventing forward compatibility is the use of feature_name and categorical_feature throughout _lightgbm_tuner/optimize.py. See lightgbm-org/LightGBM#6435

[ffineis]

There are also issues with LightGBMPruningCallback's use of the now-deprecated cv_agg str: https://github.com/microsoft/LightGBM/pull/6761/files

[c-bata]

@ffineis Thank you for your investigation! Let me unassign the reviewer for this PR.

@HideakiImamura Could you please proceed with the review of #207 first? I will close this PR if #207 will be smoothly merged.

[HideakiImamura]

Let me close this issue since #207 has been merged.