Update referrer-policy to strict-origin-when-cross-origin, remove django-referrer-policy packages, built in to Django 3 and later (#4296)

They were used with the old way we handled comment editing.

Allow for better type hints when working with editors that support it.
I'm using Zed with pywright linter. Recently, some type hints were added
to the project. This help catch issues against the django default types
and any custom types that are added to this codebase.

This doesn't add any runtime overhead.

This PR also these patch versions of these dependencies

- Updated anyio v4.6.2.post1 -> v4.7.0
- Updated boto3 v1.35.76 -> v1.35.79
- Updated botocore v1.35.76 -> v1.35.79
- Updated coverage v7.6.8 -> v7.6.9
- Updated django-select2 v8.2.1 -> v8.2.3
- Updated httpx v0.28.0 -> v0.28.1
- Updated mkdocs-material v9.5.47 -> v9.5.48
- Updated numpy v2.1.3 -> v2.2.0
- Updated sentry-sdk v2.19.0 -> v2.19.2
- Updated sqlparse v0.5.2 -> v0.5.3


https://github.com/typeddjango/django-stubs

The flow to update are as follow:

1. Run `uv tree -d 1 --outdated` to get  list of packages with updates.
2. Update the package version in `pyproject.toml`
3. Run `uv sync`, this will install all the new packages and sync the
`uv.lock` file.
* The command will alert of any dependency conflicts, you need to
resolve these.
4. Run `pre-commit run --all-files`, this will run the `uv` commands
needed to update all the requirements* files. (Info is taken from the
`uv.lock` file so it must be updated before this step.)

- Use frozen dependencies with hashes to ensure reproducible dependency
installation in a secure way.
- Uses `uv` and pre-commit to automatically generate the locked
requirements files from pyproject.toml.
- While the translation dependencies can be installed directly with
`uv`, uv doesn’t seem to be able to add `--find-link=…` to the exported
`requirements/translate.txt`, for that reason the translation
dependencies are left as they are and won’t be automatically exported
via pre-commit.
- So whenever `uv lock —upgrade` is run, it will freeze the latest patch
versions.
- The production dependencies are specified with a `~` which means `>=`
at the last digit of requirements.
- The dev dependencies have `>=` to make them easy to update, if
something breaks in dev either fix it or go back to the old frozen
dependencies.
- Moved generated dependencies in requirements/ folder.
- Use `--no-deps` where applicable while installing these generated
requirements as the sub-dependencies are already resolved.