Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump flask from 1.1.4 to 2.3.2 #532

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump flask from 1.1.4 to 2.3.2 #532

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github May 1, 2023

Bumps flask from 1.1.4 to 2.3.2.

Release notes

Sourced from flask's releases.

2.3.2

This is a security fix release for the 2.3.x release branch.

2.3.1

This is a fix release for the 2.3.x release branch.

2.3.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 2.3.x branch is now the supported fix branch, the 2.2.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

2.2.4

This is a fix release for the 2.2.x release branch.

2.2.3

This is a fix release for the 2.2.x release branch.

2.2.2

This is a fix release for the 2.2.0 feature release.

2.2.1

This is a fix release for the 2.2.0 feature release.

2.2.0

This is a feature release, which includes new features and removes previously deprecated code. The 2.2.x branch is now the supported bug fix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades.

2.1.3

... (truncated)

Changelog

Sourced from flask's changelog.

Version 2.3.2

Released 2023-05-01

  • Set Vary: Cookie header when the session is accessed, modified, or refreshed.
  • Update Werkzeug requirement to >=2.3.3 to apply recent bug fixes.

Version 2.3.1

Released 2023-04-25

  • Restore deprecated from flask import Markup. :issue:5084

Version 2.3.0

Released 2023-04-25

  • Drop support for Python 3.7. :pr:5072

  • Update minimum requirements to the latest versions: Werkzeug>=2.3.0, Jinja2>3.1.2, itsdangerous>=2.1.2, click>=8.1.3.

  • Remove previously deprecated code. :pr:4995

    • The push and pop methods of the deprecated _app_ctx_stack and _request_ctx_stack objects are removed. top still exists to give extensions more time to update, but it will be removed.
    • The FLASK_ENV environment variable, ENV config key, and app.env property are removed.
    • The session_cookie_name, send_file_max_age_default, use_x_sendfile, propagate_exceptions, and templates_auto_reload properties on app are removed.
    • The JSON_AS_ASCII, JSON_SORT_KEYS, JSONIFY_MIMETYPE, and JSONIFY_PRETTYPRINT_REGULAR config keys are removed.
    • The app.before_first_request and bp.before_app_first_request decorators are removed.
    • json_encoder and json_decoder attributes on app and blueprint, and the corresponding json.JSONEncoder and JSONDecoder classes, are removed.
    • The json.htmlsafe_dumps and htmlsafe_dump functions are removed.
    • Calling setup methods on blueprints after registration is an error instead of a warning. :pr:4997

  • Importing escape and Markup from flask is deprecated. Import them directly from markupsafe instead. :pr:4996

  • The app.got_first_request property is deprecated. :pr:4997

  • The locked_cached_property decorator is deprecated. Use a lock inside the decorated function if locking is needed. :issue:4993

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump flask from 1.1.4 to 2.3.2
85316dc 
Bumps [flask](https://github.com/pallets/flask) from 1.1.4 to 2.3.2.
- [Release notes](https://github.com/pallets/flask/releases)
- [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst)
- [Commits](pallets/flask@1.1.4...2.3.2)

---
updated-dependencies:
- dependency-name: flask
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label May 1, 2023
@cla-bot
Copy link

cla-bot bot commented May 1, 2023

Thank you for contributing!

We detected that this might be your first contribution to a Neuraxio open-source project. Before we can look at your open-source contributions, you (or your employer or company depending on the situation) will need to sign a Contributor License Agreement (CLA). You can sign it here.

Once the CLA will be signed, please reply here and tell us. For example: I signed it, My employer signed it or My company signed it.

Thank you for taking the time to contribute!

@pull-checklist
Copy link

pull-checklist bot commented May 1, 2023

New contributor? Ensure you do this.

  • Your local Git username is set to your GitHub username, and your local Git email is set to your GitHub email. This is important to avoid breaking the cla-bot and for your contributions to be linked to your profile. If at least 1 contribution is not commited properly using the good credentials, the cla-bot will break until your re-commit it.
  • Use the PyCharm IDE with PyTest to test your code. Reformatting your code at every file save is a good idea, using PyCharm's Ctrl+Alt+L shortcut. You may reorganize imports automatically as well, as long as your project root is well configured. Run the tests to see if everything works, and always ensure that all tests run before opening a pull request as well.
  • We recommend letting PyCharm manage the virtual environment by creating a new one just for this project, and using PyTest as a test runner in PyCharm. This is not required, but should help in getting you started.
  • Please make your pull request(s) editable, such as for us to add you to the list of contributors if you didn't add the entry, for example.
  • To contribute, first fork the project, then do your changes, and then open a pull request in the main repository.
  • Sign the Contributor License Agreement (CLA) to allow Neuraxio to use and publish your contributions under the Apache 2.0 license, in order for everyone to be able to use your open-source contributions. Follow the instructions of the cla-bot upon opening the pull request.

Things to check at each Pull Request (PR)

  • Your local Git username is set to your GitHub username, and your local Git email is set to your GitHub email. This is important to avoid breaking the cla-bot and for your contributions to be linked to your profile. More info: https://github.com/settings/emails
  • Argument's dimensions and types are specified for new steps (important), with examples in docstrings when needed.
  • Class names and argument / API variables are very clear: there is no possible ambiguity. They also respect the existing code style (avoid duplicating words for the same concept) and are intuitive.
  • Use typing like variable: Typing = ... as much as possible. Also use typing for function arguments and return values like def my_func(self, my_list: Dict[int, List[str]]) -> OrderedDict[int, str]:.
  • Classes are documented: their behavior is explained beyond just the title of the class. You may even use the description written in your pull request above to fill some docstrings accurately.
  • If a numpy array is used, it is important to remember that these arrays are a special type that must be documented accordingly, and that numpy array should not be abused. This is because Neuraxle is a library that is not only limited to transforming numpy arrays. To this effect, numpy steps should probably be located in the existing numpy python files as much as possible, and not be all over the place. The same applies to Pandas DataFrames.
  • Code coverage is above 90% for the added code for the unit tests.
  • Respect the Unit Testing status check
  • Respect the Codacy status check
  • Respect the cla-bot status check (unless the cla-bot is truly broken - please try to debug it first)
  • The above description of the pull request in natural language was used to document the new code inside the code's docstrings so as to have complete documentation, with examples.
  • Code files that were edited were reformatted automatically using PyCharm's Ctrl+Alt+L shortcut.

@stale Stale
Copy link

stale bot commented Nov 5, 2024

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs in the next 180 days. Thank you for your contributions.

@stale stale bot added the wontfix This will not be worked on label Nov 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file wontfix This will not be worked on
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants