Skip to content

Commit

Permalink
Bump flask from 1.1.2 to 3.0.3 in /requirements (#3296)
Browse files Browse the repository at this point in the history 
Bumps [flask](https://github.com/pallets/flask) from 1.1.2 to 3.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/releases">flask's
releases</a>.</em></p>
<blockquote>
<h2>3.0.3</h2>
<p>This is a fix release for the 3.0.x feature branch.</p>
<p>PyPI: <a
href="https://pypi.org/project/Flask/3.0.3/">https://pypi.org/project/Flask/3.0.3/</a>
Changes: <a
href="https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-3">https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-3</a>
Milestone: <a
href="https://github.com/pallets/flask/milestone/35?closed=1">https://github.com/pallets/flask/milestone/35?closed=1</a></p>
<ul>
<li>The default <code>hashlib.sha1</code> may not be available in FIPS
builds. Don't access it at import time so the developer has time to
change the default. <a
href="https://redirect.github.com/pallets/flask/issues/5448">#5448</a></li>
<li>Don't initialize the <code>cli</code> attribute in the sansio
scaffold, but rather in the <code>Flask</code> concrete class. <a
href="https://redirect.github.com/pallets/flask/issues/5270">#5270</a></li>
</ul>
<h2>3.0.2</h2>
<p>This is a fix release for the 3.0.x feature release branch. It fixes
bugs but does not otherwise change behavior and should not result in
breaking changes.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/3.0.x/changes/#version-3.0.2">https://flask.palletsprojects.com/en/3.0.x/changes/#version-3.0.2</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/34?closed=1">https://github.com/pallets/flask/milestone/34?closed=1</a></li>
<li>PyPI: <a
href="https://pypi.org/project/Flask/3.0.2/">https://pypi.org/project/Flask/3.0.2/</a></li>
</ul>
<h2>3.0.1</h2>
<p>This is a fix release for the 3.0.x feature release branch.</p>
<p>Fixes an issue where using other JSON providers, such as
<code>flask-orjson</code>, previously caused loaded session data to have
an incorrect format in some cases.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-1">https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-1</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/32?closed=1">https://github.com/pallets/flask/milestone/32?closed=1</a></li>
<li>PyPI: <a
href="https://pypi.org/project/Flask/3.0.1/">https://pypi.org/project/Flask/3.0.1/</a></li>
</ul>
<h2>3.0.0</h2>
<p>This is a feature release, which includes new features, removes
previously deprecated code, and adds new deprecations. The 3.0.x branch
is now the supported fix branch, the 2.3.x branch will become a tag
marking the end of support for that branch. We encourage everyone to
upgrade, and to use a tool such as <a
href="https://pypi.org/project/pip-tools/">pip-tools</a> to pin all
dependencies and control upgrades. Test with warnings treated as errors
to be able to adapt to deprecation warnings early.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0">https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/20?closed=1">https://github.com/pallets/flask/milestone/20?closed=1</a></li>
</ul>
<h2>2.3.3</h2>
<p>This is a fix release for the 2.3.x feature branch.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-3">https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-3</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/31?closed=1">https://github.com/pallets/flask/milestone/31?closed=1</a></li>
</ul>
<h2>2.3.2</h2>
<p>This is a security fix release for the 2.3.x release branch.</p>
<ul>
<li>Security advisory: <a
href="https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq">https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq</a>,
CVE-2023-30861</li>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-2">https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-2</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/29?closed=1">https://github.com/pallets/flask/milestone/29?closed=1</a></li>
</ul>
<h2>2.3.1</h2>
<p>This is a fix release for the 2.3.x release branch.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-1">https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-1</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/28?closed=1">https://github.com/pallets/flask/milestone/28?closed=1</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/blob/main/CHANGES.rst">flask's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.0.3</h2>
<p>Released 2024-04-07</p>
<ul>
<li>The default <code>hashlib.sha1</code> may not be available in FIPS
builds. Don't
access it at import time so the developer has time to change the
default.
:issue:<code>5448</code></li>
<li>Don't initialize the <code>cli</code> attribute in the sansio
scaffold, but rather in
the <code>Flask</code> concrete class. :pr:<code>5270</code></li>
</ul>
<h2>Version 3.0.2</h2>
<p>Released 2024-02-03</p>
<ul>
<li>Correct type for <code>jinja_loader</code> property.
:issue:<code>5388</code></li>
<li>Fix error with <code>--extra-files</code> and
<code>--exclude-patterns</code> CLI options.
:issue:<code>5391</code></li>
</ul>
<h2>Version 3.0.1</h2>
<p>Released 2024-01-18</p>
<ul>
<li>Correct type for <code>path</code> argument to
<code>send_file</code>. :issue:<code>5230</code></li>
<li>Fix a typo in an error message for the <code>flask run --key</code>
option. :pr:<code>5344</code></li>
<li>Session data is untagged without relying on the built-in
<code>json.loads</code>
<code>object_hook</code>. This allows other JSON providers that don't
implement that.
:issue:<code>5381</code></li>
<li>Address more type findings when using mypy strict mode.
:pr:<code>5383</code></li>
</ul>
<h2>Version 3.0.0</h2>
<p>Released 2023-09-30</p>
<ul>
<li>Remove previously deprecated code. :pr:<code>5223</code></li>
<li>Deprecate the <code>__version__</code> attribute. Use feature
detection, or
<code>importlib.metadata.version(&quot;flask&quot;)</code>, instead.
:issue:<code>5230</code></li>
<li>Restructure the code such that the Flask (app) and Blueprint
classes have Sans-IO bases. :pr:<code>5127</code></li>
<li>Allow self as an argument to url_for. :pr:<code>5264</code></li>
<li>Require Werkzeug &gt;= 3.0.0.</li>
</ul>
<p>Version 2.3.3</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/flask/commit/c12a5d874c5a014495eb2db8a73f40037bc813ac"><code>c12a5d8</code></a>
release version 3.0.3</li>
<li><a
href="https://github.com/pallets/flask/commit/5e22cc9eec0d1da2da706ccf724fde702b30d5f2"><code>5e22cc9</code></a>
Don't set the cli attribute in the sansio scaffold (<a
href="https://redirect.github.com/pallets/flask/issues/5270">#5270</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/5fdce4c331ac530280cc941179d364a07f4a1088"><code>5fdce4c</code></a>
Don't set the cli attribute in the sansio scaffold</li>
<li><a
href="https://github.com/pallets/flask/commit/adb7dd99c295a28726c8d818fba54c7b3f958ecc"><code>adb7dd9</code></a>
don't access app.logger when configuring app.logger</li>
<li><a
href="https://github.com/pallets/flask/commit/b73939095564ec5c088c53e7595b00d174a018f5"><code>b739390</code></a>
support FIPS builds without SHA-1 (<a
href="https://redirect.github.com/pallets/flask/issues/5460">#5460</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/db461112c70d5f2bf93c7a6ac27eeb665c232dd0"><code>db46111</code></a>
access sha1 lazily</li>
<li><a
href="https://github.com/pallets/flask/commit/7320e311a0a3f190351173f8be90cab31dadbf73"><code>7320e31</code></a>
start version 3.0.3</li>
<li><a
href="https://github.com/pallets/flask/commit/87d5f5b9a9697434e6d972b021201105eabb54e6"><code>87d5f5b</code></a>
update project files (<a
href="https://redirect.github.com/pallets/flask/issues/5457">#5457</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/d5e321b792cd6f3cd7b072d175f47eacbd5ee14f"><code>d5e321b</code></a>
release version 3.0.2 (<a
href="https://redirect.github.com/pallets/flask/issues/5403">#5403</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/d2030595dcdc8ca5701504f00255360fb12a3a2b"><code>d203059</code></a>
release version 3.0.2</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/flask/compare/1.1.2...3.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flask&package-manager=pip&previous-version=1.1.2&new-version=3.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ben Hammond <benjamin.hammond@gmail.com>
  • Loading branch information
@dependabot @benhammondmusic
dependabot[bot] and benhammondmusic committed May 15, 2024
1 parent 15fac75 commit 7e9ac84
Showing 1 changed file with 49 additions and 29 deletions.
78 changes: 49 additions & 29 deletions requirements/tests.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,29 +4,35 @@
#
# pip-compile --output-file=requirements/tests.txt requirements/tests.in
#
astroid==3.2.0
# via pylint
attrs==20.2.0
# via pytest
blinker==1.8.2
# via flask
cachetools==4.1.1
# via
# -r requirements/../data_server/../python/data_server/requirements.in
# -r ../data_server/../python/data_server/requirements.in
# google-auth
certifi==2020.6.20
# via requests
cffi==1.14.3
# via google-crc32c
chardet==3.0.4
# via requests
click==7.1.2
click==8.1.7
# via flask
flask-cors==3.0.10
# via -r requirements/../data_server/requirements.in
flask==1.1.2
dill==0.3.8
# via pylint
flask==3.0.3
# via
# -r requirements/../data_server/requirements.in
# -r requirements/tests.in
# -r ../data_server/requirements.in
# -r tests.in
# flask-cors
flask-cors==3.0.10
# via -r ../data_server/requirements.in
freezegun==1.0.0
# via -r requirements/../python/tests/requirements.in
# via -r ../python/tests/requirements.in
google-api-core[grpc]==1.23.0
# via
# google-cloud-bigquery
Expand All @@ -36,21 +42,21 @@ google-auth==1.22.1
# via
# google-api-core
# google-cloud-storage
google-cloud==0.34.0
# via -r ../python/tests/../ingestion/requirements.in
google-cloud-bigquery==2.2.0
# via -r requirements/../python/tests/../ingestion/requirements.in
# via -r ../python/tests/../ingestion/requirements.in
google-cloud-core==1.4.3
# via
# -r requirements/../python/tests/../ingestion/requirements.in
# -r ../python/tests/../ingestion/requirements.in
# google-cloud-bigquery
# google-cloud-storage
google-cloud-pubsub==2.1.0
# via -r requirements/../python/tests/../ingestion/requirements.in
# via -r ../python/tests/../ingestion/requirements.in
google-cloud-storage==1.32.0
# via
# -r requirements/../data_server/../python/data_server/requirements.in
# -r requirements/../python/tests/../ingestion/requirements.in
google-cloud==0.34.0
# via -r requirements/../python/tests/../ingestion/requirements.in
# -r ../data_server/../python/data_server/requirements.in
# -r ../python/tests/../ingestion/requirements.in
google-crc32c==1.0.0
# via google-resumable-media
google-resumable-media==1.1.0
Expand All @@ -69,29 +75,37 @@ grpcio==1.33.1
# googleapis-common-protos
# grpc-google-iam-v1
gunicorn==20.0.4
# via -r requirements/../data_server/requirements.in
# via -r ../data_server/requirements.in
idna==2.10
# via requests
iniconfig==1.1.1
# via pytest
itsdangerous==1.1.0
isort==5.13.2
# via pylint
itsdangerous==2.2.0
# via flask
jinja2==2.11.2
jinja2==3.1.4
# via flask
libcst==0.3.13
# via google-cloud-pubsub
markupsafe==1.1.1
# via jinja2
markupsafe==2.1.5
# via
# jinja2
# werkzeug
mccabe==0.7.0
# via pylint
mypy-extensions==0.4.3
# via typing-inspect
numpy==1.23.2
numpy==1.26.4
# via pandas
packaging==20.4
# via pytest
pandas==2.2.0
# via
# -r requirements/../python/tests/../ingestion/requirements.in
# -r requirements/../python/tests/requirements.in
# -r ../python/tests/../ingestion/requirements.in
# -r ../python/tests/requirements.in
platformdirs==4.2.1
# via pylint
pluggy==0.13.1
# via pytest
proto-plus==1.11.0
Expand All @@ -106,18 +120,20 @@ protobuf==3.13.0
# proto-plus
py==1.9.0
# via pytest
pyasn1-modules==0.2.8
# via google-auth
pyasn1==0.4.8
# via
# pyasn1-modules
# rsa
pyasn1-modules==0.2.8
# via google-auth
pycparser==2.20
# via cffi
pylint==3.2.0
# via -r ../python/tests/../ingestion/requirements.in
pyparsing==2.4.7
# via packaging
pytest==6.1.1
# via -r requirements/tests.in
# via -r tests.in
python-dateutil==2.8.2
# via
# freezegun
Expand All @@ -130,7 +146,7 @@ pyyaml==5.3.1
# via libcst
requests==2.24.0
# via
# -r requirements/../python/tests/../ingestion/requirements.in
# -r ../python/tests/../ingestion/requirements.in
# google-api-core
# google-cloud-storage
rsa==4.6
Expand All @@ -148,18 +164,22 @@ six==1.15.0
# python-dateutil
toml==0.10.1
# via pytest
tomlkit==0.12.5
# via pylint
typing-extensions==3.7.4.3
# via
# libcst
# typing-inspect
typing-inspect==0.6.0
# via libcst
tzdata==2024.1
# via pandas
urllib3==1.25.11
# via requests
werkzeug==1.0.1
werkzeug==3.0.3
# via flask
xlrd==1.2.0
# via -r requirements/../python/tests/../ingestion/requirements.in
# via -r ../python/tests/../ingestion/requirements.in

# The following packages are considered to be unsafe in a requirements file:
# setuptools

0 comments on commit 7e9ac84

Please sign in to comment.