Bump flask from 2.2.3 to 3.0.0

[dependabot[bot]]

Bumps flask from 2.2.3 to 3.0.0.

Release notes

Sourced from flask's releases.

3.0.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 3.0.x branch is now the supported fix branch, the 2.3.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0
• Milestone: https://github.com/pallets/flask/milestone/20?closed=1

2.3.3

This is a fix release for the 2.3.x feature branch.

• Changes: https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-3
• Milestone: https://github.com/pallets/flask/milestone/31?closed=1

2.3.2

This is a security fix release for the 2.3.x release branch.

• Security advisory: https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq, CVE-2023-30861
• Changes: https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-2
• Milestone: https://github.com/pallets/flask/milestone/29?closed=1

2.3.1

This is a fix release for the 2.3.x release branch.

• Changes: https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-1
• Milestone: https://github.com/pallets/flask/milestone/28?closed=1

2.3.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 2.3.x branch is now the supported fix branch, the 2.2.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

• Changes: https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-0
• Milestone: https://github.com/pallets/flask/milestone/24?closed=1

2.2.5

This is a security fix release for the 2.2.x release branch. Note that 2.3.x is the currently supported release branch; please upgrade to the latest version if possible.

• Security advisory: https://github.com/pallets/flask/security/advisories/GHSA-m2qf-hxjv-5gpq, CVE-2023-30861
• Changes: https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-5
• Milestone: https://github.com/pallets/flask/milestone/30?closed=1

2.2.4

This is a fix release for the 2.2.x release branch.

• Changes: https://flask.palletsprojects.com/en/2.2.x/changes/#version-2-2-4
• Milestone: https://github.com/pallets/flask/milestone/27?closed=1

Changelog

Sourced from flask's changelog.

Version 3.0.0

Released 2023-09-30

• Remove previously deprecated code. :pr:5223
• Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("flask"), instead. :issue:5230
• Restructure the code such that the Flask (app) and Blueprint classes have Sans-IO bases. :pr:5127
• Allow self as an argument to url_for. :pr:5264
• Require Werkzeug >= 3.0.0.

Version 2.3.3

Released 2023-08-21

• Python 3.12 compatibility.
• Require Werkzeug >= 2.3.7.
• Use flit_core instead of setuptools as build backend.
• Refactor how an app's root and instance paths are determined. :issue:5160

Version 2.3.2

Released 2023-05-01

• Set Vary: Cookie header when the session is accessed, modified, or refreshed.
• Update Werkzeug requirement to >=2.3.3 to apply recent bug fixes.

Version 2.3.1

Released 2023-04-25

• Restore deprecated from flask import Markup. :issue:5084

Version 2.3.0

Released 2023-04-25

• Drop support for Python 3.7. :pr:5072
• Update minimum requirements to the latest versions: Werkzeug>=2.3.0, Jinja2>3.1.2, itsdangerous>=2.1.2, click>=8.1.3.

... (truncated)

Commits

• 735a470 Release version 3.0.0
• efe39ae Bump Werkzeug 3.0.0
• 438edcd Allow self as an argument to url_for
• b7c1290 Fix wrong spelling of JS method .innerHTML
• 8037487 Bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.10 (#5248)
• e8076d9 Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.9.0 (#5247)
• ecc4a38 Bump actions/checkout from 3.5.3 to 3.6.0 (#5246)
• 24c6508 Bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.10
• 98cef9f Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.9.0
• 0c97a41 Bump actions/checkout from 3.5.3 to 3.6.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)