这是indexloc提供的服务,不要输入任何密码
Skip to content

chore(deps): bump werkzeug from 2.3.1 to 2.3.4 in /tests/apps/python-flask #5842

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 13, 2023
Merged

chore(deps): bump werkzeug from 2.3.1 to 2.3.4 in /tests/apps/python-flask #5842

merged 1 commit into from
May 13, 2023

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 9, 2023

Bumps werkzeug from 2.3.1 to 2.3.4.

Release notes

Sourced from werkzeug's releases.

2.3.4

This is a fix release for the 2.3.x release branch.

2.3.3

This is a fix release for the 2.3.x release branch.

2.3.2

This is a fix release for the 2.3.x release branch.

Changelog

Sourced from werkzeug's changelog.

Version 2.3.4

Released 2023-05-08

  • Authorization.from_header and WWWAuthenticate.from_header detects tokens that end with base64 padding (=). :issue:2685
  • Remove usage of warnings.catch_warnings. :issue:2690
  • Remove max_form_parts restriction from standard form data parsing and only use if for multipart content. :pr:2694
  • Response will avoid converting the Location header in some cases to preserve invalid URL schemes like itms-services. :issue:2691

Version 2.3.3

Released 2023-05-01

  • Fix parsing of large multipart bodies. Remove invalid leading newline, and restore parsing speed. :issue:2658, 2675
  • The cookie Path attribute is set to / by default again, to prevent clients from falling back to RFC 6265's default-path behavior. :issue:2672, 2679

Version 2.3.2

Released 2023-04-28

  • Parse the cookie Expires attribute correctly in the test client. :issue:2669
  • max_content_length can only be enforced on streaming requests if the server sets wsgi.input_terminated. :issue:2668
Commits
  • 9959cff release version 2.3.4
  • 3b1b0e0 update version to remove deprecations to 3.0 (#2696)
  • 0820d2e update removal version to 3.0
  • 5a149fa preserve invalid itms-services url scheme (#2695)
  • 6822773 preserve invalid itms-services url scheme
  • 3072610 Do not apply max_form_parts to non-multipart data (#2694)
  • 4321c5b Do not apply max_form_parts to non-multipart data
  • 3a4c8d0 Remove uses of warnings.catch_warnings (#2690) (#2692)
  • 2051469 WWWAuthenticate.from_header handles base64 padding in token
  • 6e63efe Make werkzeug.http.parse_dict_header avoid base64 padding (#2686)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump werkzeug in /tests/apps/python-flask
6105a01 
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 2.3.1 to 2.3.4.
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](pallets/werkzeug@2.3.1...2.3.4)

---
updated-dependencies:
- dependency-name: werkzeug
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the type: dependencies Pull requests that update a dependency file label May 9, 2023
@dependabot dependabot bot mentioned this pull request May 9, 2023
Closed
@josegonzalez josegonzalez merged commit 7293d1d into master May 13, 2023
@josegonzalez josegonzalez deleted the dependabot/pip/tests/apps/python-flask/werkzeug-2.3.4 branch May 13, 2023 03:41
github-actions bot pushed a commit that referenced this pull request May 13, 2023
Release 0.30.4
e72f5b1 
# History

## 0.30.4

Install/update via the bootstrap script:

```shell
wget -NP . https://dokku.com/install/v0.30.4/bootstrap.sh
sudo DOKKU_TAG=v0.30.4 bash bootstrap.sh
```

### Bug Fixes

- #5786: @obrienmd Detect id_ed25519.pub in git:public-key command
- #5758: @josegonzalez Support pack-based images that do not have a Procfile

### New Features

- #5851: @josegonzalez Allow setting _ as domain name for default nginx routing

### Documentation

- #5853: @josegonzalez Always overwrite bootstrap install file
- #5828: @josegonzalez Add a note to the troubleshooting docs pointing developers to bind to all interfaces
- #5827: @josegonzalez Add permalink support to headers

### Tests

- #5850: @josegonzalez Only run packer validation if any packer-related files were changed

### Dependencies

- #5837: @dependabot[bot] chore(deps): bump golang from 1.20.3 to 1.20.4 in /tests/apps/zombies-dockerfile-tini
- #5836: @dependabot[bot] chore(deps): bump golang from 1.20.3 to 1.20.4 in /tests/apps/gogrpc
- #5832: @dependabot[bot] chore(deps): bump flask from 2.3.1 to 2.3.2 in /tests/apps/multi
- #5831: @dependabot[bot] chore(deps): bump flask from 2.3.1 to 2.3.2 in /tests/apps/python-flask
- #5839: @dependabot[bot] chore(deps): bump mkdocs from 1.4.2 to 1.4.3 in /docs/_build
- #5835: @dependabot[bot] chore(deps): bump golang from 1.20.3 to 1.20.4 in /tests/apps/zombies-dockerfile-no-tini
- #5838: @dependabot[bot] chore(deps): bump golang from 1.20.3 to 1.20.4 in /tests/apps/go-fail-predeploy
- #5841: @dependabot[bot] chore(deps): bump golang.org/x/net from 0.9.0 to 0.10.0 in /tests/apps/gogrpc
- #5842: @dependabot[bot] chore(deps): bump werkzeug from 2.3.1 to 2.3.4 in /tests/apps/python-flask
- #5844: @dependabot[bot] chore(deps): bump django from 4.1.7 to 4.1.9 in /tests/apps/dockerfile-release
- #5848: @dependabot[bot] chore(deps): bump mkdocs-material from 9.1.8 to 9.1.12 in /docs/_build
- #5840: @dependabot[bot] chore(deps): bump golang from 1.20.3 to 1.20.4 in /tests/apps/go-fail-postdeploy
- #5823: @dependabot[bot] chore(deps): bump flask from 2.2.3 to 2.3.1 in /tests/apps/python-flask
- #5825: @dependabot[bot] chore(deps): bump flask from 2.2.3 to 2.3.1 in /tests/apps/multi
- #5826: @dependabot[bot] chore(deps): bump werkzeug from 2.2.3 to 2.3.1 in /tests/apps/python-flask
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

type: dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@josegonzalez