forked from tbass134/DogBreedDectector
-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update dependency flask to v2 #9
Open
mend-for-github-com
wants to merge
1
commit into
master
Choose a base branch
from
whitesource-remediate/flask-2.x
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
2 times, most recently
from
August 29, 2023 04:56
524afee
to
d332c46
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
2 times, most recently
from
September 6, 2023 05:13
fa539e5
to
61786bc
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
4 times, most recently
from
September 18, 2023 04:21
23edd4a
to
95fb5b3
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
4 times, most recently
from
October 11, 2023 07:03
a0b55ab
to
e325f3a
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
4 times, most recently
from
October 26, 2023 12:11
9d30799
to
0c45cfa
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
2 times, most recently
from
October 31, 2023 04:45
c11d525
to
c5ead88
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
3 times, most recently
from
November 23, 2023 05:30
aa1b4cb
to
131e343
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
2 times, most recently
from
November 30, 2023 04:57
3800276
to
714bb3f
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
2 times, most recently
from
December 11, 2023 05:01
fcb5cf8
to
5dd981d
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
3 times, most recently
from
December 19, 2023 05:10
d2e7213
to
ba7f4c0
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
from
December 21, 2023 01:36
ba7f4c0
to
b6bf964
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
6 times, most recently
from
August 17, 2024 01:35
171c1ac
to
1d4fec2
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
3 times, most recently
from
August 26, 2024 21:24
f81c228
to
f0322c0
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
4 times, most recently
from
September 6, 2024 00:15
2922206
to
48d8ab5
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
2 times, most recently
from
September 8, 2024 20:32
dc1003e
to
8d45294
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
5 times, most recently
from
September 27, 2024 21:32
8118946
to
7316beb
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
2 times, most recently
from
October 5, 2024 21:48
2c4136c
to
5730ba4
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
2 times, most recently
from
October 11, 2024 03:25
8261a8e
to
d30efcc
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
from
October 19, 2024 00:27
d30efcc
to
e67de8a
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
2 times, most recently
from
November 1, 2024 18:14
d868af3
to
942b75c
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
from
November 15, 2024 03:49
942b75c
to
a16ae2a
Compare
mend-for-github-com
bot
force-pushed
the
whitesource-remediate/flask-2.x
branch
from
December 18, 2024 12:09
a16ae2a
to
e5345ce
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
==1.0.2
->==2.2.5
By merging this PR, the below vulnerabilities will be automatically resolved:
Release Notes
pallets/flask (flask)
v2.2.5
Compare Source
Released 2023-05-02
Vary: Cookie
header when the session is accessed, modified, or refreshed.v2.2.4
Compare Source
Released 2023-04-25
v2.2.3
Compare Source
Released 2023-02-15
.svg
template files. :issue:4831
template_folder
to acceptpathlib.Path
. :issue:4892
--debug
option to theflask run
command. :issue:4777
v2.2.2
Compare Source
Released 2022-08-08
to the new faster router, header parsing, and the development
server. :pr:
4754
app.env
to be"production"
. Thisattribute remains deprecated. :issue:
4740
v2.2.1
Compare Source
Released 2022-08-03
json_encoder
orjson_decoder
raises adeprecation warning. :issue:
4732
v2.2.0
Compare Source
Released 2022-08-01
Remove previously deprecated code. :pr:
4667
send_file
parameters have been removed.download_name
replacesattachment_filename
,max_age
replaces
cache_timeout
, andetag
replacesadd_etags
.Additionally,
path
replacesfilename
insend_from_directory
.RequestContext.g
property returningAppContext.g
isremoved.
Update Werkzeug dependency to >= 2.2.
The app and request contexts are managed using Python context vars
directly rather than Werkzeug's
LocalStack
. This should resultin better performance and memory use. :pr:
4682
_app_ctx_stack.top
and
_request_ctx_stack.top
are deprecated. Store data ong
instead using a unique prefix, likeg._extension_name_attr
.The
FLASK_ENV
environment variable andapp.env
attribute aredeprecated, removing the distinction between development and debug
mode. Debug mode should be controlled directly using the
--debug
option or
app.run(debug=True)
. :issue:4714
Some attributes that proxied config keys on
app
are deprecated:session_cookie_name
,send_file_max_age_default
,use_x_sendfile
,propagate_exceptions
, andtemplates_auto_reload
. Use the relevant config keys instead.:issue:
4716
Add new customization points to the
Flask
app object for manypreviously global behaviors.
flask.url_for
will callapp.url_for
. :issue:4568
flask.abort
will callapp.aborter
.Flask.aborter_class
andFlask.make_aborter
can be usedto customize this aborter. :issue:
4567
flask.redirect
will callapp.redirect
. :issue:4569
flask.json
is an instance ofJSONProvider
. A differentprovider can be set to use a different JSON library.
flask.jsonify
will callapp.json.response
, otherfunctions in
flask.json
will call corresponding functions inapp.json
. :pr:4692
JSON configuration is moved to attributes on the default
app.json
provider.JSON_AS_ASCII
,JSON_SORT_KEYS
,JSONIFY_MIMETYPE
, andJSONIFY_PRETTYPRINT_REGULAR
aredeprecated. :pr:
4692
Setting custom
json_encoder
andjson_decoder
classes on theapp or a blueprint, and the corresponding
json.JSONEncoder
andJSONDecoder
classes, are deprecated. JSON behavior can now beoverridden using the
app.json
provider interface. :pr:4692
json.htmlsafe_dumps
andjson.htmlsafe_dump
are deprecated,the function is built-in to Jinja now. :pr:
4692
Refactor
register_error_handler
to consolidate error checking.Rewrite some error messages to be more consistent. :issue:
4559
Use Blueprint decorators and functions intended for setup after
registering the blueprint will show a warning. In the next version,
this will become an error just like the application setup methods.
:issue:
4571
before_first_request
is deprecated. Run setup code when creatingthe application instead. :issue:
4605
Added the
View.init_every_request
class attribute. If a viewsubclass sets this to
False
, the view will not create a newinstance on every request. :issue:
2520
.A
flask.cli.FlaskGroup
Click group can be nested as asub-command in a custom CLI. :issue:
3263
Add
--app
and--debug
options to theflask
CLI, insteadof requiring that they are set through environment variables.
:issue:
2836
Add
--env-file
option to theflask
CLI. This allowsspecifying a dotenv file to load in addition to
.env
and.flaskenv
. :issue:3108
It is no longer required to decorate custom CLI commands on
app.cli
orblueprint.cli
with@with_appcontext
, an appcontext will already be active at that point. :issue:
2410
SessionInterface.get_expiration_time
uses a timezone-awarevalue. :pr:
4645
View functions can return generators directly instead of wrapping
them in a
Response
. :pr:4629
Add
stream_template
andstream_template_string
functions torender a template as a stream of pieces. :pr:
4629
A new implementation of context preservation during debugging and
testing. :pr:
4666
request
,g
, and other context-locals point to thecorrect data when running code in the interactive debugger
console. :issue:
2836
even if the context is preserved. They are also run after the
preserved context is popped.
stream_with_context
preserves context separately from awith client
block. It will be cleaned up whenresponse.get_data()
orresponse.close()
is called.Allow returning a list from a view function, to convert it to a
JSON response like a dict is. :issue:
4672
When type checking, allow
TypedDict
to be returned from viewfunctions. :pr:
4695
Remove the
--eager-loading/--lazy-loading
options from theflask run
command. The app is always eager loaded the firsttime, then lazily loaded in the reloader. The reloader always prints
errors immediately but continues serving. Remove the internal
DispatchingApp
middleware used by the previous implementation.:issue:
4715
v2.1.3
Compare Source
Released 2022-07-13
commands. :pr:
4606
after_request
functions. :issue:4600
instance_path
for namespace packages uses the path closest tothe imported submodule. :issue:
4610
render_template
andrender_template_string
are used outside an application context.:pr:
4693
v2.1.2
Compare Source
Released 2022-04-28
json.loads
, it accepts str or bytes.:issue:
4519
--cert
and--key
options onflask run
can be givenin either order. :issue:
4459
v2.1.1
Compare Source
Released on 2022-03-30
which is required on Python < 3.10. :issue:
4502
v2.1.0
Compare Source
Released 2022-03-28
Drop support for Python 3.6. :pr:
4335
Update Click dependency to >= 8.0. :pr:
4008
Remove previously deprecated code. :pr:
4337
script_info
to app factory functions.config.from_json
is replaced byconfig.from_file(name, load=json.load)
.json
functions no longer take anencoding
parameter.safe_join
is removed, usewerkzeug.utils.safe_join
instead.
total_seconds
is removed, usetimedelta.total_seconds
instead.
name=
when registering to specify a unique name.as_tuple
parameter is removed. Useresponse.request.environ
instead. :pr:4417
Some parameters in
send_file
andsend_from_directory
wererenamed in 2.0. The deprecation period for the old names is extended
to 2.2. Be sure to test with deprecation warnings visible.
attachment_filename
is renamed todownload_name
.cache_timeout
is renamed tomax_age
.add_etags
is renamed toetag
.filename
is renamed topath
.The
RequestContext.g
property is deprecated. Useg
directlyor
AppContext.g
instead. :issue:3898
copy_current_request_context
can decorate async functions.:pr:
4303
The CLI uses
importlib.metadata
instead ofpkg_resources
toload command entry points. :issue:
4419
Overriding
FlaskClient.open
will not cause an error on redirect.:issue:
3396
Add an
--exclude-patterns
option to theflask run
CLIcommand to specify patterns that will be ignored by the reloader.
:issue:
4188
When using lazy loading (the default with the debugger), the Click
context from the
flask run
command remains available in theloader thread. :issue:
4460
Deleting the session cookie uses the
httponly
flag.:issue:
4485
Relax typing for
errorhandler
to allow the user to use moreprecise types and decorate the same function multiple times.
:issue:
4095, 4295, 4297
Fix typing for
__exit__
methods for better compatibility withExitStack
. :issue:4474
From Werkzeug, for redirect responses the
Location
header URLwill remain relative, and exclude the scheme and domain, by default.
:pr:
4496
Add
Config.from_prefixed_env()
to load config values fromenvironment variables that start with
FLASK_
or another prefix.This parses values as JSON by default, and allows setting keys in
nested dicts. :pr:
4479
v2.0.3
Compare Source
Released 2022-02-14
as_tuple
parameter is deprecated and will beremoved in Werkzeug 2.1. It is now also deprecated in Flask, to be
removed in Flask 2.1, while remaining compatible with both in
2.0.x. Use
response.request.environ
instead. :pr:4341
errorhandler
decorator. :issue:4295
ImportError
tracebacks when importing the application. :issue:
4307
app.json_encoder
andjson_decoder
are only passed todumps
andloads
if they have custom behavior. This improvesperformance, mainly on PyPy. :issue:
4349
after_this_request
is used outside arequest context. :issue:
4333
v2.0.2
Compare Source
Released 2021-10-04
teardown_*
methods. :issue:4093
before_request
andbefore_app_request
decorators. :issue:
4104
decorators to accept functions with no arguments. :issue:
4098
4112
app.errorhandler
decorator. :issue:4095
4124
static_folder
to acceptpathlib.Path
.:issue:
4150
jsonify
handlesdecimal.Decimal
by encoding tostr
.:issue:
4157
:issue:
4096
**kwargs
in acreate_app
function.:issue:
4170
before_request
and other callbacks that triggerbefore the view returns. They are called from the app down to the
closest nested blueprint. :issue:
4229
v2.0.1
Compare Source
Released 2021-05-21
filename
parameter insend_from_directory
. Thefilename
parameter has been renamed topath
, the old nameis deprecated. :pr:
4019
imports in user projects. :issue:
4024
g
and inform mypy that it is a namespaceobject that has arbitrary attributes. :issue:
4020
4040
send_file
,send_from_directory
, andget_send_file_max_age
. :issue:4044
, :pr:4026
.
hasspecial meaning, it is used to separate (nested) blueprint names and
the endpoint name. :issue:
4041
a
url_prefix
value. :issue:4037
URL is again matched after the session is loaded, so the session is
available in custom URL converters. :issue:
4053
Config.from_json
, which was accidentallyremoved early. :issue:
4078
Callable
in their typesignatures, focusing on decorator factories. :issue:
4060
different blueprints with the same name to be nested at different
locations. :issue:
4069
register_blueprint
takes aname
option to change the(pre-dotted) name the blueprint is registered with. This allows the
same blueprint to be registered multiple times with unique names for
url_for
. Registering the same blueprint with the same namemultiple times is deprecated. :issue:
1091
stream_with_context
. :issue:4052
v2.0.0
Compare Source
Released 2021-05-11
Jinja2 >= 3, MarkupSafe >= 2, ItsDangerous >= 2, Click >= 8. Be sure
to check the change logs for each project. For better compatibility
with other applications (e.g. Celery) that still require Click 7,
there is no hard dependency on Click 8 yet, but using Click 7 will
trigger a DeprecationWarning and Flask 2.1 will depend on Click 8.
override
app.json_encoder
andjson_decoder
. :issue:3555
encoding
option to JSON functions is deprecated. :pr:3562
script_info
to app factory functions is deprecated. Thiswas not portable outside the
flask
command. Useclick.get_current_context().obj
if it's needed. :issue:3552
when looking up commands. :issue:
2741
SessionInterface.get_cookie_name
to allow setting thesession cookie name dynamically. :pr:
3369
Config.from_file
to load config using arbitrary fileloaders, such as
toml.load
orjson.load
.Config.from_json
is deprecated in favor of this. :pr:3398
flask run
command will only defer errors on reload. Errorspresent during the initial call will cause the server to exit with
the traceback immediately. :issue:
3431
send_file
raises aValueError
when passed anio
objectin text mode. Previously, it would respond with 200 OK and an empty
file. :issue:
3358
instead of PyOpenSSL. :pr:
3492
FLASK_APP
, keywordargument can be passed. :issue:
3553
.env
or.flaskenv
file, the current workingdirectory is no longer changed to the location of the file.
:pr:
3560
(response, headers)
tuple from a view, theheaders replace rather than extend existing headers on the response.
For example, this allows setting the
Content-Type
forjsonify()
. Useresponse.headers.extend()
if extending isdesired. :issue:
3628
Scaffold
class provides a common API for theFlask
andBlueprint
classes.Blueprint
information is stored inattributes just like
Flask
, rather than opaque lambda functions.This is intended to improve consistency and maintainability.
:issue:
3215
samesite
andsecure
options when removing thesession cookie. :pr:
3726
pathlib.Path
tostatic_folder
. :pr:3579
send_file
andsend_from_directory
are wrappers around theimplementations in
werkzeug.utils
. :pr:3828
send_file
parameters have been renamed, the old names aredeprecated.
attachment_filename
is renamed todownload_name
.cache_timeout
is renamed tomax_age
.add_etags
isrenamed to
etag
. :pr:3828, 3883
send_file
passesdownload_name
even ifas_attachment=False
by usingContent-Disposition: inline
.:pr:
3828
send_file
setsconditional=True
andmax_age=None
bydefault.
Cache-Control
is set tono-cache
ifmax_age
isnot set, otherwise
public
. This tells browsers to validateconditional requests instead of using a timed cache. :pr:
3828
helpers.safe_join
is deprecated. Usewerkzeug.utils.safe_join
instead. :pr:3828
This could allow a session interface to change behavior based on
request.endpoint
. :issue:3776
|tojson
filter. :issue:3881
@app.post("/login")
is a shortcut for@app.route("/login", methods=["POST"])
. :pr:3907
teardown functions. :pr:
3412
593, 1548
, :pr:3923
.env
and.flaskenv
files to allow to use non-ASCII characters. :issue:3931
flask shell
sets up tab and history completion like the defaultpython
shell ifreadline
is installed. :issue:3941
helpers.total_seconds()
is deprecated. Usetimedelta.total_seconds()
instead. :pr:3962
3973
.v1.1.4
Compare Source
Released 2021-05-13
static_folder
to use_compat.fspath
instead ofos.fspath
to continue supporting Python < 3.6 :issue:4050
v1.1.3
Compare Source
Released 2021-05-13
:issue:
4043
pathlib.Path
forstatic_folder
.:pr:
3579
v1.1.2
Compare Source
Released 2020-04-03
flask
command with anexternal debugger on Windows. :issue:
3297
Flask
static_folder
argument ends with a slash. :issue:3452
v1.1.1
Compare Source
Released 2019-07-08
flask.json_available
flag was added back for compatibilitywith some extensions. It will raise a deprecation warning when used,
and will be removed in version 2.0.0. :issue:
3288
v1.1.0
Compare Source
Released 2019-07-04
Bump minimum Werkzeug version to >= 0.15.
Drop support for Python 3.4.
Error handlers for
InternalServerError
or500
will always bepassed an instance of
InternalServerError
. If they are invokeddue to an unhandled exception, that original exception is now
available as
e.original_exception
rather than being passeddirectly to the handler. The same is true if the handler is for the
base
HTTPException
. This makes error handler behavior moreconsistent. :pr:
3266
Flask.finalize_request
is called for all unhandledexceptions even if there is no
500
error handler.Flask.logger
takes the same name asFlask.name
(the valuepassed as
Flask(import_name)
. This reverts 1.0's behavior ofalways logging to
"flask.app"
, in order to support multiple appsin the same process. A warning will be shown if old configuration is
detected that needs to be moved. :issue:
2866
RequestContext.copy
includes the current session object in therequest context copy. This prevents
session
pointing to anout-of-date object. :issue:
2935
Using built-in RequestContext, unprintable Unicode characters in
Host header will result in a HTTP 400 response and not HTTP 500 as
previously. :pr:
2994
send_file
supportsPathLike
objects as described in:pep:
519
, to supportpathlib
in Python 3. :pr:3059
send_file
supportsBytesIO
partial content.:issue:
2957
open_resource
accepts the "rt" file mode. This still does thesame thing as "r". :issue:
3163
The
MethodView.methods
attribute set in a base class is used bysubclasses. :issue:
3138
Flask.jinja_options
is adict
instead of anImmutableDict
to allow easier configuration. Changes must stillbe made before creating the environment. :pr:
3190
Flask's
JSONMixin
for the request and response wrappers wasmoved into Werkzeug. Use Werkzeug's version with Flask-specific
support. This bumps the Werkzeug dependency to >= 0.15.
:issue:
3125
The
flask
command entry point is simplified to take advantageof Werkzeug 0.15's better reloader support. This bumps the Werkzeug
dependency to >= 0.15. :issue:
3022
Support
static_url_path
that ends with a forward slash.:issue:
3134
Support empty
static_folder
without requiring setting an emptystatic_url_path
as well. :pr:3124
jsonify
supportsdataclass
objects. :pr:3195
Allow customizing the
Flask.url_map_class
used for routing.:pr:
3069
The development server port can be set to 0, which tells the OS to
pick an available port. :issue:
2926
The return value from
cli.load_dotenv
is more consistent withthe documentation. It will return
False
if python-dotenv is notinstalled, or if the given path isn't a file. :issue:
2937
Signaling support has a stub for the
connect_via
method whenthe Blinker library is not installed. :pr:
3208
Add an
--extra-files
option to theflask run
CLI command tospecify extra files that will trigger the reloader on change.
:issue:
2897
Allow returning a dictionary from a view function. Similar to how
returning a string will produce a
text/html
response, returninga dict will call
jsonify
to produce aapplication/json
response. :pr:
3111
Blueprints have a
cli
Click group likeapp.cli
. CLI commandsregistered with a blueprint will be available as a group under the
flask
command. :issue:1357
.When using the test client as a context manager (
with client:
),all preserved request contexts are popped when the block exits,
ensuring nested contexts are cleaned up correctly. :pr:
3157
Show a better error message when the view return type is not
supported. :issue:
3214
flask.testing.make_test_environ_builder()
has been deprecated infavour of a new class
flask.testing.EnvironBuilder
. :pr:3232
The
flask run
command no longer fails if Python is not builtwith SSL support. Using the
--cert
option will show anappropriate error message. :issue:
3211
URL matching now occurs after the request context is pushed, rather
than when it's created. This allows custom URL converters to access
the app and request contexts, such as to query a database for an id.
:issue:
3088
v1.0.4
Compare Source
Released 2019-07-04
BadRequestKeyError
is no longer clearedoutside debug mode, so error handlers can still access it. This
requires upgrading to Werkzeug 0.15.5. :issue:
3249
send_file
url quotes the ":" and "/" characters for morecompatible UTF-8 filename support in some browsers. :issue:
3074
451
import loaders and pytest 5.x. :issue:3275
3285
v1.0.3
Compare Source
Released 2019-05-17
send_file
encodes filenames as ASCII instead of Latin-1(ISO-8859-1). This fixes compatibility with Gunicorn, which is
stricter about header encodings than :pep:
3333
. :issue:2766
FlaskGroup
to set the debug flag withoutit always being overwritten based on environment variables.
:pr:
2765
flask --version
outputs Werkzeug's version and simplifies thePython version. :pr:
2825
send_file
handles anattachment_filename
that is a nativePython 2 string (bytes) with UTF-8 coded bytes. :issue:
2933
HTTPException
will nothandle
RoutingException
, which is used internally duringrouting. This fixes the unexpected behavior that had been introduced
in 1.0. :pr:
2986
json
argument toapp.test_client
does notpush/pop an extra app context. :issue:
2900