Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update flask-wtf to 0.14.2 #110

Merged
merged 4 commits into from Mar 1, 2017

Conversation

@pyup-bot
Copy link
Contributor

commented Feb 27, 2017

There's a new version of Flask-WTF available.
You are currently using 0.13.1. I have updated it to 0.14.2

These links might come in handy: PyPI | Changelog | Repo | Docs

Changelog

0.14.2


Released 2017-01-10

  • Fix bug where FlaskForm assumed meta argument was not None if it
    was passed. (278_)

.. _278: lepture/flask-wtf#278

0.14.1


Released 2017-01-10

  • Fix bug where the file validators would incorrectly identify an empty file as
    valid data. (276, 277)
  • FileField is no longer deprecated. The data is checked during
    processing and only set if it's a valid file.
  • has_file is deprecated; it's now equivalent to bool(field.data).
  • FileRequired and FileAllowed work with both the Flask-WTF and
    WTForms FileField classes.
  • The Optional validator now works with FileField.

.. _276: lepture/flask-wtf#276
.. _277: lepture/flask-wtf#277

0.14


Released 2017-01-06

  • Use itsdangerous to sign CSRF tokens and check expiration instead of doing it
    ourselves. (264_)
  • All tokens are URL safe, removing the url_safe parameter from
    generate_csrf. (206_)
  • All tokens store a timestamp, which is checked in validate_csrf. The
    time_limit parameter of generate_csrf is removed.
  • Remove the app attribute from CsrfProtect, use current_app.
    (264_)
  • CsrfProtect protects the DELETE method by default. (264_)
  • The same CSRF token is generated for the lifetime of a request. It is exposed
    as request.csrf_token for use during testing. (227, 264)
  • CsrfProtect.error_handler is deprecated. (264_)
  • Handlers that return a response work in addition to those that raise an
    error. The behavior was not clear in previous docs.
  • (200, 209, 243, 252)
  • Use Form.Meta instead of deprecated SecureForm for CSRF (and
    everything else). (216, 271)
  • csrf_enabled parameter is still recognized but deprecated. All other
    attributes and methods from SecureForm are removed. (271_)
  • Provide WTF_CSRF_FIELD_NAME to configure the name of the CSRF token.
    (271_)
  • validate_csrf raises wtforms.ValidationError with specific messages
    instead of returning True or False. This breaks anything that was
    calling the method directly. (239, 271)
  • CSRF errors are logged as well as raised. (239_)
  • CsrfProtect is renamed to CSRFProtect. A deprecation warning is issued
    when using the old name. CsrfError is renamed to CSRFError without
    deprecation. (271_)
  • FileField is deprecated because it no longer provides functionality over
    the provided validators. Use wtforms.FileField directly. (272_)

.. _200: lepture/flask-wtf#200
.. _209: lepture/flask-wtf#209
.. _216: lepture/flask-wtf#216
.. _227: lepture/flask-wtf#227
.. _239: lepture/flask-wtf#239
.. _243: lepture/flask-wtf#243
.. _252: lepture/flask-wtf#252
.. _264: lepture/flask-wtf#264
.. _271: lepture/flask-wtf#271
.. _272: lepture/flask-wtf#272

Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.

Happy merging! 🤖


This change is Reviewable

@codecov-io

This comment has been minimized.

Copy link

commented Mar 1, 2017

Codecov Report

Merging #110 into develop will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff            @@
##           develop     #110   +/-   ##
========================================
  Coverage    76.75%   76.75%           
========================================
  Files           21       21           
  Lines          753      753           
========================================
  Hits           578      578           
  Misses         175      175

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update b6eb411...b76066d. Read the comment docs.

@andreoliwa andreoliwa merged commit f0d08de into develop Mar 1, 2017

3 checks passed

codecov/patch Coverage not affected when comparing b6eb411...b76066d
Details
codecov/project 76.75% remains the same compared to b6eb411
Details
continuous-integration/travis-ci/push The Travis CI build passed
Details

@andreoliwa andreoliwa deleted the pyup-update-flask-wtf-0.13.1-to-0.14.2 branch Mar 1, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.