Remove restrictive cbor2 pin

[jruizaranguren]

This merge request:

• Removes the dependency constraint cbor2>=5.4.0,<5.5.0, which can cause dependency‑resolution conflicts and block downstream projects from receiving security updates.
• Updates cbor2 to the latest release. This surfaced a change in date/time handling that affects pyMDOC-CBOR.

Impact:

• Only one test failed after the update: pymdoccbor/tests/test_08_mdoc_cbor.py.
• A targeted workaround has been applied so the date assertion passes.

Next steps:

• Release a new version of the library without cbor2 pin
• Perform a thorough review of date/time handling in both code and tests, considering the behavior described in the cbor2 documentation: https://cbor2.readthedocs.io/en/latest/usage.html#date-time-handling
  • Decide on a canonical representation (naive vs. timezone‑aware, UTC normalization).
  • Define parsing/serialization policy and CBOR tag handling.
  • Add tests that cover timezones, DST, and round‑trip encoding/decoding.

[peppelinux]

we may have security updates in 5.4.x and breaking changes in 5.5.0, this is why we decided to specify the version of a dependency using a known minor release

This surfaced a change in date/time handling that affects pyMDOC-CBOR

therefore we should move our deps up to cbor2 55., and removing support for 5.4

we wil lcontinue the review, I am interested in having in this current PR also these ones:

• Decide on a canonical representation (naive vs. timezone‑aware, UTC normalization).
• Define parsing/serialization policy and CBOR tag handling.
• Add tests that cover timezones, DST, and round‑trip encoding/decoding.

I'd wait for any of your proposal for the impl of the previous tasks, therefore I will engage @PascalDR in the final review