Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update dependency flask to v1 #12

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update dependency flask to v1 #12

wants to merge 1 commit into from

Conversation

dev-mend-for-github-com[bot]
Copy link

This PR contains the following updates:

Package Update Change
flask (changelog) major ==0.10 -> ==1.0

By merging this PR, the issue #4 will be automatically resolved and closed:

Severity CVSS Score CVE
High High 7.5 CVE-2018-1000656
High High 7.5 CVE-2019-1010083

Release Notes

pallets/flask (flask)

v1.0

Compare Source

Unreleased

v0.12.5

Compare Source

Released 2020-02-10

  • Pin Werkzeug to < 1.0.0. :issue:3497

v0.12.4

Compare Source

Released 2018-04-29

  • Repackage 0.12.3 to fix package layout issue. :issue:2728

v0.12.3

Compare Source

Released 2018-04-26

  • Request.get_json no longer accepts arbitrary encodings.
    Incoming JSON should be encoded using UTF-8 per :rfc:8259, but
    Flask will autodetect UTF-8, -16, or -32. :issue:2692
  • Fix a Python warning about imports when using python -m flask.
    :issue:2666
  • Fix a ValueError caused by invalid Range requests in some
    cases.

v0.12.2

Compare Source

Released 2017-05-16

  • Fix a bug in safe_join on Windows.

v0.12.1

Compare Source

Released 2017-03-31

  • Prevent flask run from showing a NoAppException when an
    ImportError occurs within the imported application module.
  • Fix encoding behavior of app.config.from_pyfile for Python 3.
    :issue:2118
  • Use the SERVER_NAME config if it is present as default values
    for app.run. :issue:2109, :pr:2152
  • Call ctx.auto_pop with the exception object instead of None,
    in the event that a BaseException such as KeyboardInterrupt
    is raised in a request handler.

v0.12

Compare Source

Released 2020-02-10

  • Pin Werkzeug to < 1.0.0. :issue:3497

v0.11.1

Compare Source

Released 2016-06-07

  • Fixed a bug that prevented FLASK_APP=foobar/__init__.py from
    working. :pr:1872

v0.11

Compare Source

Released 2016-06-07

  • Fixed a bug that prevented FLASK_APP=foobar/__init__.py from
    working. :pr:1872

v0.10.1

Compare Source

Released 2013-06-14

  • Fixed an issue where |tojson was not quoting single quotes which
    made the filter not work properly in HTML attributes. Now it's
    possible to use that filter in single quoted attributes. This should
    make using that filter with angular.js easier.
  • Added support for byte strings back to the session system. This
    broke compatibility with the common case of people putting binary
    data for token verification into the session.
  • Fixed an issue where registering the same method twice for the same
    endpoint would trigger an exception incorrectly.
  • If you want to rebase/retry this PR, check this box

@dev-mend-for-github-com dev-mend-for-github-com bot added the security fix Security fix generated by Mend label May 4, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
security fix Security fix generated by Mend
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
0 participants