Release v1053+srv543.web360: chore(deps): bump the uv group across 1 directory with 2 updates (#1423) · comppolicylab/pingpong

v1053+srv543.web360
3bb0fc0
Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Verified
Learn about vigilant mode
Choose a tag to compare

Filter

View all tags

v1053+srv543.web360: chore(deps): bump the uv group across 1 directory with 2 updates (#1423)

v1053+srv543.web360
3bb0fc0
Choose a tag to compare

Filter

View all tags
Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature.

GPG key ID: B5690EEEBB952194

Verified
Learn about vigilant mode

dependabot tagged this 19 Feb 22:46

Bumps the uv group with 2 updates in the / directory:
[flask](https://github.com/pallets/flask) and
[werkzeug](https://github.com/pallets/werkzeug).

Updates `flask` from 3.1.2 to 3.1.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/releases">flask's
releases</a>.</em></p>
<blockquote>
<h2>3.1.3</h2>
<p>This is the Flask 3.1.3 security fix release, which fixes a security
issue but does not otherwise change behavior and should not result in
breaking changes compared to the latest feature release.</p>
<p>PyPI: <a
href="https://pypi.org/project/Flask/3.1.3/">https://pypi.org/project/Flask/3.1.3/</a>
Changes: <a
href="https://flask.palletsprojects.com/page/changes/#version-3-1-3">https://flask.palletsprojects.com/page/changes/#version-3-1-3</a></p>
<ul>
<li>The session is marked as accessed for operations that only access
the keys but not the values, such as <code>in</code> and
<code>len</code>. <a
href="https://github.com/pallets/flask/security/advisories/GHSA-68rp-wp8r-4726">GHSA-68rp-wp8r-4726</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/blob/main/CHANGES.rst">flask's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.1.3</h2>
<p>Released 2026-02-18</p>
<ul>
<li>The session is marked as accessed for operations that only access
the keys
but not the values, such as <code>in</code> and <code>len</code>.
:ghsa:<code>68rp-wp8r-4726</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/flask/commit/22d924701a6ae2e4cd01e9a15bbaf3946094af65"><code>22d9247</code></a>
release version 3.1.3</li>
<li><a
href="https://github.com/pallets/flask/commit/089cb86dd22bff589a4eafb7ab8e42dc357623b4"><code>089cb86</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/pallets/flask/commit/c17f379390731543eea33a570a47bd4ef76a54fa"><code>c17f379</code></a>
request context tracks session access</li>
<li><a
href="https://github.com/pallets/flask/commit/27be9338405382445a7cb01151e084559b98d602"><code>27be933</code></a>
start version 3.1.3</li>
<li><a
href="https://github.com/pallets/flask/commit/4e652d3f68b90d50aa2301d3b7e68c3fafd9251d"><code>4e652d3</code></a>
Abort if the instance folder cannot be created (<a
href="https://redirect.github.com/pallets/flask/issues/5903">#5903</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/3d03098a97ddc6a908aa4a50c2ef7381f8297d0a"><code>3d03098</code></a>
Abort if the instance folder cannot be created</li>
<li><a
href="https://github.com/pallets/flask/commit/407eb76b27884848383a37c7274654f0271e4bc4"><code>407eb76</code></a>
document using gevent for async (<a
href="https://redirect.github.com/pallets/flask/issues/5900">#5900</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/ac5664d2281533eacafd64f5cc7d5edcdaccab60"><code>ac5664d</code></a>
document using gevent for async</li>
<li><a
href="https://github.com/pallets/flask/commit/4f79d5b59a56bc4356a97f2e81a35f98cb18d7b3"><code>4f79d5b</code></a>
Increase required flit_core version to 3.11 (<a
href="https://redirect.github.com/pallets/flask/issues/5865">#5865</a>)</li>
<li><a
href="https://github.com/pallets/flask/commit/fe3b215d3ade4db68262dae1a3cdc464a1fc524f"><code>fe3b215</code></a>
Increase required flit_core version to 3.11</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/flask/compare/3.1.2...3.1.3">compare
view</a></li>
</ul>
</details>
<br />

Updates `werkzeug` from 3.1.5 to 3.1.6
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/werkzeug/releases">werkzeug's
releases</a>.</em></p>
<blockquote>
<h2>3.1.6</h2>
<p>This is the Werkzeug 3.1.6 security fix release, which fixes a
security issue but does not otherwise change behavior and should not
result in breaking changes compared to the latest feature release.</p>
<p>PyPI: <a
href="https://pypi.org/project/Werkzeug/3.1.6/">https://pypi.org/project/Werkzeug/3.1.6/</a>
Changes: <a
href="https://werkzeug.palletsprojects.com/page/changes/#version-3-1-6">https://werkzeug.palletsprojects.com/page/changes/#version-3-1-6</a></p>
<ul>
<li><code>safe_join</code> on Windows does not allow special devices
names in multi-segment paths. <a
href="https://github.com/pallets/werkzeug/security/advisories/GHSA-29vq-49wr-vm6x">GHSA-29vq-49wr-vm6x</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/werkzeug/blob/main/CHANGES.rst">werkzeug's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.1.6</h2>
<p>Released 2026-02-19</p>
<ul>
<li><code>safe_join</code> on Windows does not allow special devices
names in
multi-segment paths. :ghsa:<code>29vq-49wr-vm6x</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/werkzeug/commit/04da1b5221b7a7b57e82246e4b5741d37a6b2e56"><code>04da1b5</code></a>
release version 3.1.6</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/f407712fdc60a09c2b3f4fe7db557703e5d9338d"><code>f407712</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/f54fe98026253e70fbbcd35a6b52fb67cfff1c03"><code>f54fe98</code></a>
safe_join prevents Windows special device names in multi-segment
paths</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/d005985ef69ffe3275eda8fb6fb25e074dbe871b"><code>d005985</code></a>
start version 3.1.6</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/8565c2cbd6681ae8463e77d4fc0795324a7fdae7"><code>8565c2c</code></a>
document rule priority (<a
href="https://redirect.github.com/pallets/werkzeug/issues/3102">#3102</a>)</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/3febc7e90072bffe04c27e6b7478dfc4f88930df"><code>3febc7e</code></a>
document rule priority</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/2525b827646c10ab7adb334664e6a4af1b769181"><code>2525b82</code></a>
remove state machine docs</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/4abfbd553cdeb6d4e6fa693340d52b13c884079f"><code>4abfbd5</code></a>
rewrite build docstring (<a
href="https://redirect.github.com/pallets/werkzeug/issues/3097">#3097</a>)</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/161c18b2a8800ae6ef377fb3cbdb933a878fea67"><code>161c18b</code></a>
rewrite build docstring</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/86e11c29e44726dae524cd9db11549b3b1ad681d"><code>86e11c2</code></a>
release version 3.1.5 (<a
href="https://redirect.github.com/pallets/werkzeug/issues/3085">#3085</a>)</li>
<li>See full diff in <a
href="https://github.com/pallets/werkzeug/compare/3.1.5...3.1.6">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/comppolicylab/pingpong/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Choose a tag to compare

Sorry, something went wrong.

Sorry, something went wrong.

Uh oh!

No results found

Uh oh!