Skip to content

Commit

Permalink
Bump flask from 2.2.5 to 3.0.3 in /data_server (#3287)
Browse files Browse the repository at this point in the history 
Bumps [flask](https://github.com/pallets/flask) from 2.2.5 to 3.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/releases">flask's
releases</a>.</em></p>
<blockquote>
<h2>3.0.3</h2>
<p>This is a fix release for the 3.0.x feature branch.</p>
<p>PyPI: <a
href="https://pypi.org/project/Flask/3.0.3/">https://pypi.org/project/Flask/3.0.3/</a>
Changes: <a
href="https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-3">https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-3</a>
Milestone: <a
href="https://github.com/pallets/flask/milestone/35?closed=1">https://github.com/pallets/flask/milestone/35?closed=1</a></p>
<ul>
<li>The default <code>hashlib.sha1</code> may not be available in FIPS
builds. Don't access it at import time so the developer has time to
change the default. <a
href="https://redirect.github.com/pallets/flask/issues/5448">#5448</a></li>
<li>Don't initialize the <code>cli</code> attribute in the sansio
scaffold, but rather in the <code>Flask</code> concrete class. <a
href="https://redirect.github.com/pallets/flask/issues/5270">#5270</a></li>
</ul>
<h2>3.0.2</h2>
<p>This is a fix release for the 3.0.x feature release branch. It fixes
bugs but does not otherwise change behavior and should not result in
breaking changes.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/3.0.x/changes/#version-3.0.2">https://flask.palletsprojects.com/en/3.0.x/changes/#version-3.0.2</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/34?closed=1">https://github.com/pallets/flask/milestone/34?closed=1</a></li>
<li>PyPI: <a
href="https://pypi.org/project/Flask/3.0.2/">https://pypi.org/project/Flask/3.0.2/</a></li>
</ul>
<h2>3.0.1</h2>
<p>This is a fix release for the 3.0.x feature release branch.</p>
<p>Fixes an issue where using other JSON providers, such as
<code>flask-orjson</code>, previously caused loaded session data to have
an incorrect format in some cases.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-1">https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-1</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/32?closed=1">https://github.com/pallets/flask/milestone/32?closed=1</a></li>
<li>PyPI: <a
href="https://pypi.org/project/Flask/3.0.1/">https://pypi.org/project/Flask/3.0.1/</a></li>
</ul>
<h2>3.0.0</h2>
<p>This is a feature release, which includes new features, removes
previously deprecated code, and adds new deprecations. The 3.0.x branch
is now the supported fix branch, the 2.3.x branch will become a tag
marking the end of support for that branch. We encourage everyone to
upgrade, and to use a tool such as <a
href="https://pypi.org/project/pip-tools/">pip-tools</a> to pin all
dependencies and control upgrades. Test with warnings treated as errors
to be able to adapt to deprecation warnings early.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0">https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/20?closed=1">https://github.com/pallets/flask/milestone/20?closed=1</a></li>
</ul>
<h2>2.3.3</h2>
<p>This is a fix release for the 2.3.x feature branch.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-3">https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-3</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/31?closed=1">https://github.com/pallets/flask/milestone/31?closed=1</a></li>
</ul>
<h2>2.3.2</h2>
<p>This is a security fix release for the 2.3.x release branch.</p>
<ul>
<li>Security advisory: <a
href="https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq">https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq</a>,
CVE-2023-30861</li>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-2">https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-2</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/29?closed=1">https://github.com/pallets/flask/milestone/29?closed=1</a></li>
</ul>
<h2>2.3.1</h2>
<p>This is a fix release for the 2.3.x release branch.</p>
<ul>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-1">https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-1</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/28?closed=1">https://github.com/pallets/flask/milestone/28?closed=1</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/blob/main/CHANGES.rst">flask's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.0.3</h2>
<p>Released 2024-04-07</p>
<ul>
<li>The default <code>hashlib.sha1</code> may not be available in FIPS
builds. Don't
access it at import time so the developer has time to change the
default.
:issue:<code>5448</code></li>
<li>Don't initialize the <code>cli</code> attribute in the sansio
scaffold, but rather in
the <code>Flask</code> concrete class. :pr:<code>5270</code></li>
</ul>
<h2>Version 3.0.2</h2>
<p>Released 2024-02-03</p>
<ul>
<li>Correct type for <code>jinja_loader</code> property.
:issue:<code>5388</code></li>
<li>Fix error with <code>--extra-files</code> and
<code>--exclude-patterns</code> CLI options.
:issue:<code>5391</code></li>
</ul>
<h2>Version 3.0.1</h2>
<p>Released 2024-01-18</p>
<ul>
<li>Correct type for <code>path</code> argument to
<code>send_file</code>. :issue:<code>5230</code></li>
<li>Fix a typo in an error message for the <code>flask run --key</code>
option. :pr:<code>5344</code></li>
<li>Session data is untagged without relying on the built-in
<code>json.loads</code>
<code>object_hook</code>. This allows other JSON providers that don't
implement that.
:issue:<code>5381</code></li>
<li>Address more type findings when using mypy strict mode.
:pr:<code>5383</code></li>
</ul>
<h2>Version 3.0.0</h2>
<p>Released 2023-09-30</p>
<ul>
<li>Remove previously deprecated code. :pr:<code>5223</code></li>
<li>Deprecate the <code>__version__</code> attribute. Use feature
detection, or
<code>importlib.metadata.version(&quot;flask&quot;)</code>, instead.
:issue:<code>5230</code></li>
<li>Restructure the code such that the Flask (app) and Blueprint
classes have Sans-IO bases. :pr:<code>5127</code></li>
<li>Allow self as an argument to url_for. :pr:<code>5264</code></li>
<li>Require Werkzeug &gt;= 3.0.0.</li>
</ul>
<p>Version 2.3.3</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/flask/commit/c12a5d874c5a014495eb2db8a73f40037bc813ac"><code>c12a5d8</code></a>
release version 3.0.3</li>
<li><a
href="https://github.com/pallets/flask/commit/5e22cc9eec0d1da2da706ccf724fde702b30d5f2"><code>5e22cc9</code></a>
Don't set the cli attribute in the sansio scaffold (<a
href="https://redirect.github.com/pallets/flask/issues/5270">#5270</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/5fdce4c331ac530280cc941179d364a07f4a1088"><code>5fdce4c</code></a>
Don't set the cli attribute in the sansio scaffold</li>
<li><a
href="https://github.com/pallets/flask/commit/adb7dd99c295a28726c8d818fba54c7b3f958ecc"><code>adb7dd9</code></a>
don't access app.logger when configuring app.logger</li>
<li><a
href="https://github.com/pallets/flask/commit/b73939095564ec5c088c53e7595b00d174a018f5"><code>b739390</code></a>
support FIPS builds without SHA-1 (<a
href="https://redirect.github.com/pallets/flask/issues/5460">#5460</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/db461112c70d5f2bf93c7a6ac27eeb665c232dd0"><code>db46111</code></a>
access sha1 lazily</li>
<li><a
href="https://github.com/pallets/flask/commit/7320e311a0a3f190351173f8be90cab31dadbf73"><code>7320e31</code></a>
start version 3.0.3</li>
<li><a
href="https://github.com/pallets/flask/commit/87d5f5b9a9697434e6d972b021201105eabb54e6"><code>87d5f5b</code></a>
update project files (<a
href="https://redirect.github.com/pallets/flask/issues/5457">#5457</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/d5e321b792cd6f3cd7b072d175f47eacbd5ee14f"><code>d5e321b</code></a>
release version 3.0.2 (<a
href="https://redirect.github.com/pallets/flask/issues/5403">#5403</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/d2030595dcdc8ca5701504f00255360fb12a3a2b"><code>d203059</code></a>
release version 3.0.2</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/flask/compare/2.2.5...3.0.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flask&package-manager=pip&previous-version=2.2.5&new-version=3.0.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ben Hammond <benjamin.hammond@gmail.com>
  • Loading branch information
@dependabot @benhammondmusic
dependabot[bot] and benhammondmusic committed May 14, 2024
1 parent b073d2c commit 9d36805
Showing 1 changed file with 3 additions and 1 deletion.
4 changes: 3 additions & 1 deletion data_server/requirements.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,8 @@
#
# pip-compile --output-file=data_server/requirements.txt data_server/requirements.in
#
blinker==1.8.2
# via flask
cachetools==4.2.4
# via
# -r ../python/data_server/requirements.in
Expand All @@ -16,7 +18,7 @@ charset-normalizer==3.3.2
# via requests
click==8.1.7
# via flask
flask==2.2.5
flask==3.0.3
# via
# -r requirements.in
# flask-cors
Expand Down

0 comments on commit 9d36805

Please sign in to comment.