Skip to content
This repository has been archived by the owner on Nov 25, 2023. It is now read-only.

Bump flask from 2.2.3 to 2.3.1 #127

Merged
merged 1 commit into from
Apr 26, 2023
Merged

Bump flask from 2.2.3 to 2.3.1 #127

merged 1 commit into from
Apr 26, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 26, 2023

Bumps flask from 2.2.3 to 2.3.1.

Release notes

Sourced from flask's releases.

2.3.1

This is a fix release for the 2.3.x release branch.

2.3.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 2.3.x branch is now the supported fix branch, the 2.2.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

2.2.4

This is a fix release for the 2.2.x release branch.

Changelog

Sourced from flask's changelog.

Version 2.3.1

Released 2023-04-25

  • Restore deprecated from flask import Markup. :issue:5084

Version 2.3.0

Released 2023-04-25

  • Drop support for Python 3.7. :pr:5072

  • Update minimum requirements to the latest versions: Werkzeug>=2.3.0, Jinja2>3.1.2, itsdangerous>=2.1.2, click>=8.1.3.

  • Remove previously deprecated code. :pr:4995

    • The push and pop methods of the deprecated _app_ctx_stack and _request_ctx_stack objects are removed. top still exists to give extensions more time to update, but it will be removed.
    • The FLASK_ENV environment variable, ENV config key, and app.env property are removed.
    • The session_cookie_name, send_file_max_age_default, use_x_sendfile, propagate_exceptions, and templates_auto_reload properties on app are removed.
    • The JSON_AS_ASCII, JSON_SORT_KEYS, JSONIFY_MIMETYPE, and JSONIFY_PRETTYPRINT_REGULAR config keys are removed.
    • The app.before_first_request and bp.before_app_first_request decorators are removed.
    • json_encoder and json_decoder attributes on app and blueprint, and the corresponding json.JSONEncoder and JSONDecoder classes, are removed.
    • The json.htmlsafe_dumps and htmlsafe_dump functions are removed.
    • Calling setup methods on blueprints after registration is an error instead of a warning. :pr:4997

  • Importing escape and Markup from flask is deprecated. Import them directly from markupsafe instead. :pr:4996

  • The app.got_first_request property is deprecated. :pr:4997

  • The locked_cached_property decorator is deprecated. Use a lock inside the decorated function if locking is needed. :issue:4993

  • Signals are always available. blinker>=1.6.2 is a required dependency. The signals_available attribute is deprecated. :issue:5056

  • Signals support async subscriber functions. :pr:5049

  • Remove uses of locks that could cause requests to block each other very briefly. :issue:4993

  • Use modern packaging metadata with pyproject.toml instead of setup.cfg. :pr:4947

  • Ensure subdomains are applied with nested blueprints. :issue:4834

  • config.from_file can use text=False to indicate that the parser wants a

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump flask from 2.2.3 to 2.3.1
55c6261 
Bumps [flask](https://github.com/pallets/flask) from 2.2.3 to 2.3.1.
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/2.3.1/CHANGES.rst)
- [Commits](pallets/flask@2.2.3...2.3.1)

---
updated-dependencies:
- dependency-name: flask
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 26, 2023
@dabio
Copy link
Owner

dabio commented Apr 26, 2023

@dependabot merge

@dependabot dependabot bot merged commit f7c36ce into master Apr 26, 2023
4 checks passed
@dependabot dependabot bot deleted the dependabot/pip/flask-2.3.1 branch April 26, 2023 05:17
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@dabio