chore(deps-dev): update zizmor requirement from <1.23,>=1.15.2 to >=1.15.2,<1.24 in the dev group

[dependabot]

Updates the requirements on zizmor to permit the latest version.
Updates zizmor to 1.23.1

Release notes

Sourced from zizmor's releases.

v1.23.1

Bug Fixes 🐛🔗

• Fixed a bug where zizmor would error if given both a GH_TOKEN and a GITHUB_TOKEN (or ZIZMOR_GITHUB_TOKEN) via the environment (#1724)

Changelog

Sourced from zizmor's changelog.

1.23.1

Bug Fixes 🐛

• Fixed a bug where zizmor would error if given both a GH_TOKEN and a GITHUB_TOKEN (or ZIZMOR_GITHUB_TOKEN) via the environment (#1724)

• Fixed a bug in [template-injection] where the context input of docker/build-push-action was incorrectly considered a code injection sink (#1705)

Changes ⚠️

• artipacked audit emits a pedantic finding if persist-credentials is an expression (#1735)

1.23.0

New Features 🌈

• New audit: [secrets-outside-env] detects usage of the secrets context in jobs that don't have a corresponding environment (#1599)

• New audit: [superfluous-actions] detects usage of actions that perform operations already provided by GitHub's own runner images (#1618)

Enhancements 🌱

• zizmor's LSP mode is now configuration-aware, and will load configuration files relative to workspace roots (#1555)

• zizmor now reads the GITHUB_TOKEN environment variable as an alias/equivalent for GH_TOKEN (#1566)

• zizmor now supports inputs that contain duplicated anchor names (#1575)

• zizmor now flags missing cooldowns on opentofu ecosystem definitions in Dependabot (again) (#1586)

• zizmor now reads the ZIZMOR_GITHUB_TOKEN environment variable as an alias/equivalent for GH_TOKEN and GITHUB_TOKEN (#1641)

• The SARIF output format now adds zizmor/confidence, zizmor/persona and zizmor/severity to the properties of findings (#1656)

• Added awalsh128/cache-apt-pkgs-action as a cache-aware action to the cache-poisoning audit (#1708)

Changes ⚠️

... (truncated)

Commits

• 0b77258 zizmor v1.23.1 (#1725)
• d822fa6 Remove conflict handling from GH_TOKEN aliases (#1724)
• 773439b Bump trophies (#1721)
• f5c05f0 zizmor 1.23.0 (#1719)
• 93858d8 zizmor 1.23.0-rc7 (#1718)
• 76d3f1e yamlpatch 0.13.0 (#1717)
• 7a71262 github-actions-expressions 0.0.15 (#1716)
• 2255be6 zizmor 1.23.0-rc6 (#1715)
• a0f9dcb Fix http-cache usage (#1689)
• adabd2d Update pedantic persona example (#1714)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions