Skip to content

Commit

Permalink
maint(deps): update flask requirement from 2.2.2 to 2.2.5 in /example…
Browse files Browse the repository at this point in the history 
…s/hello-world-flask (#171)

Updates the requirements on [flask](https://github.com/pallets/flask) to
permit the latest version.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/releases">flask's
releases</a>.</em></p>
<blockquote>
<h2>2.2.5</h2>
<p>This is a security fix release for the 2.2.x release branch. Note
that 2.3.x is the currently supported release branch; please upgrade to
the latest version if possible.</p>
<ul>
<li>Security advisory: <a
href="https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq">https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq</a>,
CVE-2023-30861</li>
<li>Changes: <a
href="https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5">https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5</a></li>
<li>Milestone: <a
href="https://github.com/pallets/flask/milestone/30?closed=1">https://github.com/pallets/flask/milestone/30?closed=1</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/flask/blob/main/CHANGES.rst">flask's
changelog</a>.</em></p>
<blockquote>
<h2>Version 2.2.5</h2>
<p>Released 2023-05-02</p>
<ul>
<li>Update for compatibility with Werkzeug 2.3.3.</li>
<li>Set <code>Vary: Cookie</code> header when the session is accessed,
modified, or refreshed.</li>
</ul>
<h2>Version 2.2.4</h2>
<p>Released 2023-04-25</p>
<ul>
<li>Update for compatibility with Werkzeug 2.3.</li>
</ul>
<h2>Version 2.2.3</h2>
<p>Released 2023-02-15</p>
<ul>
<li>Autoescape is enabled by default for <code>.svg</code> template
files. :issue:<code>4831</code></li>
<li>Fix the type of <code>template_folder</code> to accept
<code>pathlib.Path</code>. :issue:<code>4892</code></li>
<li>Add <code>--debug</code> option to the <code>flask run</code>
command. :issue:<code>4777</code></li>
</ul>
<h2>Version 2.2.2</h2>
<p>Released 2022-08-08</p>
<ul>
<li>Update Werkzeug dependency to &gt;= 2.2.2. This includes fixes
related
to the new faster router, header parsing, and the development
server. :pr:<code>4754</code></li>
<li>Fix the default value for <code>app.env</code> to be
<code>&quot;production&quot;</code>. This
attribute remains deprecated. :issue:<code>4740</code></li>
</ul>
<h2>Version 2.2.1</h2>
<p>Released 2022-08-03</p>
<ul>
<li>Setting or accessing <code>json_encoder</code> or
<code>json_decoder</code> raises a
deprecation warning. :issue:<code>4732</code></li>
</ul>
<h2>Version 2.2.0</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/flask/commit/47af817c8fe01045c641b97f8fb784c7ad864eee"><code>47af817</code></a>
release version 2.2.5</li>
<li><a
href="https://github.com/pallets/flask/commit/afd63b16170b7c047f5758eb910c416511e9c965"><code>afd63b1</code></a>
Merge pull request <a
href="https://redirect.github.com/pallets/flask/issues/5109">#5109</a>
from pallets/backport-vary-cookie</li>
<li><a
href="https://github.com/pallets/flask/commit/8646edca6f47e2cd57464081b3911218d4734f8d"><code>8646edc</code></a>
set <code>Vary: Cookie</code> header consistently for session</li>
<li><a
href="https://github.com/pallets/flask/commit/a6367dac747c1e149c60767eee7e8aa9c281c58e"><code>a6367da</code></a>
Merge pull request <a
href="https://redirect.github.com/pallets/flask/issues/5108">#5108</a>
from pallets/werkzeug-compat</li>
<li><a
href="https://github.com/pallets/flask/commit/3fbfbad79fe294918459b70eb409d555b20de2c8"><code>3fbfbad</code></a>
werkzeug 2.3.3 compatibility</li>
<li><a
href="https://github.com/pallets/flask/commit/726d3f4fa9e8a2960541debc2d2713571da54441"><code>726d3f4</code></a>
start version 2.2.5</li>
<li><a
href="https://github.com/pallets/flask/commit/ddc7accaa2e83b328f969c120af2ce0804876b4a"><code>ddc7acc</code></a>
Merge pull request <a
href="https://redirect.github.com/pallets/flask/issues/5081">#5081</a>
from pallets/release-2.2.4</li>
<li><a
href="https://github.com/pallets/flask/commit/74e03298200e33951ca350a35aa3a8c0b4ff8177"><code>74e0329</code></a>
release version 2.2.4</li>
<li><a
href="https://github.com/pallets/flask/commit/2d460685b1b3d66c713739ee91183c22fb2e5dc8"><code>2d46068</code></a>
update dev env</li>
<li><a
href="https://github.com/pallets/flask/commit/64bc45874daf4b9828830ea0037a19beb8364ee3"><code>64bc458</code></a>
update dev dependencies</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/flask/compare/2.2.2...2.2.5">compare
view</a></li>
</ul>
</details>
<br />


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] committed Feb 6, 2024
1 parent d7bd2c9 commit fddd2e5
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion examples/hello-world-flask/pyproject.toml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ readme = "README.md"

[tool.poetry.dependencies]
python = "^3.10"
flask = "2.2.2"
flask = "2.2.5"
Werkzeug = "2.2.2"
honeycomb-opentelemetry = {path = "../../", develop = true}
opentelemetry-api = "1.22.0"
Expand Down

0 comments on commit fddd2e5

Please sign in to comment.