Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore(deps): bump flask from 3.0.3 to 3.1.0 (#99)
Bumps [flask](https://github.com/pallets/flask) from 3.0.3 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pallets/flask/releases">flask's releases</a>.</em></p> <blockquote> <h2>3.1.0</h2> <p>This is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as <a href="https://pypi.org/project/pip-tools/">pip-tools</a> to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.</p> <p>PyPI: <a href="https://pypi.org/project/Flask/3.1.0/">https://pypi.org/project/Flask/3.1.0/</a> Changes: <a href="https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0">https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0</a> Milestone: <a href="https://github.com/pallets/flask/milestone/33?closed=1">https://github.com/pallets/flask/milestone/33?closed=1</a></p> <ul> <li>Drop support for Python 3.8. <a href="https://redirect.github.com/pallets/flask/issues/5623">#5623</a></li> <li>Update minimum dependency versions to latest feature releases. Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9. <a href="https://redirect.github.com/pallets/flask/issues/5624">#5624</a>, <a href="https://redirect.github.com/pallets/flask/issues/5633">#5633</a></li> <li>Provide a configuration option to control automatic option responses. <a href="https://redirect.github.com/pallets/flask/issues/5496">#5496</a></li> <li><code>Flask.open_resource</code>/<code>open_instance_resource</code> and <code>Blueprint.open_resource</code> take an <code>encoding</code> parameter to use when opening in text mode. It defaults to <code>utf-8</code>. <a href="https://redirect.github.com/pallets/flask/issues/5504">#5504</a></li> <li><code>Request.max_content_length</code> can be customized per-request instead of only through the <code>MAX_CONTENT_LENGTH</code> config. Added <code>MAX_FORM_MEMORY_SIZE</code> and <code>MAX_FORM_PARTS</code> config. Added documentation about resource limits to the security page. <a href="https://redirect.github.com/pallets/flask/issues/5625">#5625</a></li> <li>Add support for the <code>Partitioned</code> cookie attribute (CHIPS), with the <code>SESSION_COOKIE_PARTITIONED</code> config. <a href="https://redirect.github.com/pallets/flask/issues/5472">#5472</a></li> <li><code>-e path</code> takes precedence over default <code>.env</code> and <code>.flaskenv</code> files. <code>load_dotenv</code> loads default files in addition to a path unless <code>load_defaults=False</code> is passed. <a href="https://redirect.github.com/pallets/flask/issues/5628">#5628</a></li> <li>Support key rotation with the <code>SECRET_KEY_FALLBACKS</code> config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. <a href="https://redirect.github.com/pallets/flask/issues/5621">#5621</a></li> <li>Fix how setting <code>host_matching=True</code> or <code>subdomain_matching=False</code> interacts with <code>SERVER_NAME</code>. Setting <code>SERVER_NAME</code> no longer restricts requests to only that domain. <a href="https://redirect.github.com/pallets/flask/issues/5553">#5553</a></li> <li><code>Request.trusted_hosts</code> is checked during routing, and can be set through the <code>TRUSTED_HOSTS</code> config. <a href="https://redirect.github.com/pallets/flask/issues/5636">#5636</a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pallets/flask/blob/main/CHANGES.rst">flask's changelog</a>.</em></p> <blockquote> <h2>Version 3.1.0</h2> <p>Released 2024-11-13</p> <ul> <li>Drop support for Python 3.8. :pr:<code>5623</code></li> <li>Update minimum dependency versions to latest feature releases. Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9. :pr:<code>5624,5633</code></li> <li>Provide a configuration option to control automatic option responses. :pr:<code>5496</code></li> <li><code>Flask.open_resource</code>/<code>open_instance_resource</code> and <code>Blueprint.open_resource</code> take an <code>encoding</code> parameter to use when opening in text mode. It defaults to <code>utf-8</code>. :issue:<code>5504</code></li> <li><code>Request.max_content_length</code> can be customized per-request instead of only through the <code>MAX_CONTENT_LENGTH</code> config. Added <code>MAX_FORM_MEMORY_SIZE</code> and <code>MAX_FORM_PARTS</code> config. Added documentation about resource limits to the security page. :issue:<code>5625</code></li> <li>Add support for the <code>Partitioned</code> cookie attribute (CHIPS), with the <code>SESSION_COOKIE_PARTITIONED</code> config. :issue:<code>5472</code></li> <li><code>-e path</code> takes precedence over default <code>.env</code> and <code>.flaskenv</code> files. <code>load_dotenv</code> loads default files in addition to a path unless <code>load_defaults=False</code> is passed. :issue:<code>5628</code></li> <li>Support key rotation with the <code>SECRET_KEY_FALLBACKS</code> config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. :issue:<code>5621</code></li> <li>Fix how setting <code>host_matching=True</code> or <code>subdomain_matching=False</code> interacts with <code>SERVER_NAME</code>. Setting <code>SERVER_NAME</code> no longer restricts requests to only that domain. :issue:<code>5553</code></li> <li><code>Request.trusted_hosts</code> is checked during routing, and can be set through the <code>TRUSTED_HOSTS</code> config. :issue:<code>5636</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pallets/flask/commit/ab8149664182b662453a563161aa89013c806dc9"><code>ab81496</code></a> release version 3.1.0</li> <li><a href="https://github.com/pallets/flask/commit/70602a196a6da90eb0d34cdfe5d4d16a99606279"><code>70602a1</code></a> remove test pypi</li> <li><a href="https://github.com/pallets/flask/commit/6748a09341deeac16acb33996df95a31fae0c545"><code>6748a09</code></a> update dev dependencies</li> <li><a href="https://github.com/pallets/flask/commit/22c48a738b5fb5b5cf09fb77270139f116069748"><code>22c48a7</code></a> Merge remote-tracking branch 'origin/stable'</li> <li><a href="https://github.com/pallets/flask/commit/2eab96a32a92ceb4b6947102626f896816a0291d"><code>2eab96a</code></a> use generic bases for session (<a href="https://redirect.github.com/pallets/flask/issues/5638">#5638</a>)</li> <li><a href="https://github.com/pallets/flask/commit/f49dbfd3e451006a485e81ebce030495131c4454"><code>f49dbfd</code></a> use generic bases for session</li> <li><a href="https://github.com/pallets/flask/commit/7b21d43d4c763b874bc86d4c2d69a48ee492dc22"><code>7b21d43</code></a> configure and check <code>request.trusted_hosts</code> (<a href="https://redirect.github.com/pallets/flask/issues/5637">#5637</a>)</li> <li><a href="https://github.com/pallets/flask/commit/4f7156f2c3271613b34d04040b502b9d7ae35eb9"><code>4f7156f</code></a> configure and check trusted_hosts</li> <li><a href="https://github.com/pallets/flask/commit/10bdf61a0f751f3cb000f8f8ac5ac5b4bb535677"><code>10bdf61</code></a> setting <code>SERVER_NAME</code> does not restrict routing for both <code>subdomain_matching</code>...</li> <li><a href="https://github.com/pallets/flask/commit/4995a775df21a206b529403bc30d71795a994fd4"><code>4995a77</code></a> fix subdomain_matching=False behavior</li> <li>Additional commits viewable in <a href="https://github.com/pallets/flask/compare/3.0.3...3.1.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
- Loading branch information
