Use GitHub Helper bot, fast-forward cookiecutter

[Zeitsperre]

Pull Request Checklist:

• This PR addresses an already opened issue (for bug fixes / features)
  • This PR fixes #xyz
• (If applicable) Documentation has been added / updated (for bug fixes / features).
• (If applicable) Tests have been added.
• CHANGELOG.rst has been updated (with summary of main changes).
  • Link to issue (:issue:number) and pull request (:pull:number) has been added.

What kind of change does this PR introduce?

• Enables the Hydrologie Helper Bot to push signed commits to main
• Fast-forwards the cookiecutter
• Pins and synchronizes several dependencies

Does this PR introduce a breaking change?

No.

Other information:

"Why use a helper bot?"

Glad you asked. The commits that are coming from the workflow currently are "borrowing" a token I made then overwriting the committer information and, as such, the GPG signature is invalid. For security purposes, this makes it look like someone stole my account and committed changes pretending to be someone else, which is effectively what it is doing.

The helper bot is a verified way of indicating that these commits are genuine and coming from a verified source (by way of GPG signature). The bot makes a one-time-use token, creates a commit with it, pushes the changes, then destroys that token so that the risk of it leaking is diminished.