1.4.0 release notes and fixes

[AdrianAtZyte]

Fixes #1056, closes #1308, reopens #533.

[wRAR]

reopens #533.

It doesn't look like a recognized directive :)

[codecov]

Codecov Report

❌ Patch coverage is 89.47368% with 2 lines in your changes missing coverage. Please review.
✅ Project coverage is 97.21%. Comparing base (7a3113e) to head (8f7ad84).
⚠️ Report is 1 commits behind head on master.

Files with missing lines	Patch %	Lines
dateparser/languages/dictionary.py	87.50%	1 Missing ⚠️
dateparser/languages/locale.py	85.71%	1 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #1319      +/-   ##
==========================================
+ Coverage   96.63%   97.21%   +0.57%     
==========================================
  Files         235      235              
  Lines        2915     2905      -10     
==========================================
+ Hits         2817     2824       +7     
+ Misses         98       81      -17     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

[AdrianAtZyte]

I know, it’s to remind myself to do it 🙂

[Copilot]

Pull request overview

This PR updates the upcoming 1.4.0 release notes and hardens the library against code-execution risks by removing eval() usage in locale metadata parsing and eliminating pickle-based timezone cache loading.

Changes:

• Replace eval() parsing of no_word_spacing with strict boolean parsing and add regression tests to prevent code execution (#1056).
• Remove import-time loading of timezone offsets/regexes from a packaged pickle cache, and stop shipping/building that cache via packaging/docs updates.
• Add 1.4.0 (unreleased) release notes covering the above changes.

Reviewed changes

Copilot reviewed 7 out of 8 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
tests/test_languages.py	Adds security regression tests ensuring no_word_spacing cannot trigger code execution.
dateparser/languages/locale.py	Replaces eval() with a strict boolean parser for no_word_spacing.
dateparser/languages/dictionary.py	Replaces eval() with a strict boolean parser for no_word_spacing.
dateparser/timezone_parser.py	Removes pickle-cache loading and instead builds timezone offsets/regexes directly in module initialization.
dateparser/data/dateparser_tz_cache.pkl	Removes the packaged timezone pickle cache artifact.
MANIFEST.in	Stops including the timezone pickle cache in distributions.
CONTRIBUTING.rst	Removes instructions for rebuilding the timezone pickle cache.
HISTORY.rst	Adds 1.4.0 (unreleased) notes describing security fixes and other changes.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.