Bump werkzeug from 1.0.1 to 2.0.2

[dependabot[bot]]

Bumps werkzeug from 1.0.1 to 2.0.2.

Release notes

Sourced from werkzeug's releases.

2.0.2

• Changes: https://werkzeug.palletsprojects.com/en/2.0.x/changes/#version-2-0-2

2.0.1

• Changes: https://werkzeug.palletsprojects.com/en/2.0.x/changes/#version-2-0-1

2.0.0

New major versions of all the core Pallets libraries, including Werkzeug 2.0, have been released! :tada:

• Read the announcement on our blog: https://palletsprojects.com/blog/flask-2-0-released/
• Read the full list of changes: https://werkzeug.palletsprojects.com/changes/#version-2-0-0
• Retweet the announcement on Twitter: https://twitter.com/PalletsTeam/status/1392266507296514048
• Follow our blog, Twitter, or GitHub to see future announcements.

This represents a significant amount of work, and there are quite a few changes. Be sure to carefully read the changelog, and use tools such as pip-compile and Dependabot to pin your dependencies and control your updates.

2.0.0rc5

• Changes: https://werkzeug.palletsprojects.com/en/master/changes#version-2-0-0

2.0.0rc4

• Changes: https://werkzeug.palletsprojects.com/en/master/changes/#version-2-0-0

2.0.0 Release Candidate 3

• Changes: https://werkzeug.palletsprojects.com/en/master/changes/#version-2-0-0

Use the --pre flag to install this pre-release:

pip install --pre Werkzeug==2.0.0rc3

2.0.0 Release Candidate 2

• Changes: https://werkzeug.palletsprojects.com/en/master/changes/#version-2-0-0

Use the --pre flag to install this pre-release:

pip install --pre Werkzeug==2.0.0rc2

2.0.0 Release Candidate 1

• Changes: https://werkzeug.palletsprojects.com/en/master/changes/#version-2-0-0

Use the --pre flag to install this pre-release:

pip install --pre Werkzeug==2.0.0rc1

Changelog

Sourced from werkzeug's changelog.

Version 2.0.2

Released 2021-10-05

• Handle multiple tokens in Connection header when routing WebSocket requests. :issue:2131
• Set the debugger pin cookie secure flag when on https. :pr:2150
• Fix type annotation for MultiDict.update to accept iterable values :pr:2142
• Prevent double encoding of redirect URL when merge_slash=True for Rule.match. :issue:2157
• CombinedMultiDict.to_dict with flat=False considers all component dicts when building value lists. :issue:2189
• send_file only sets a detected Content-Encoding if as_attachment is disabled to avoid browsers saving decompressed .tar.gz files. :issue:2149
• Fix type annotations for TypeConversionDict.get to not return an Optional value if both default and type are not None. :issue:2169
• Fix type annotation for routing rule factories to accept Iterable[RuleFactory] instead of Iterable[Rule] for the rules parameter. :issue:2183
• Add missing type annotation for FileStorage.__getattr__ :issue:2155
• The debugger pin cookie is set with SameSite set to Strict instead of None to be compatible with modern browser security. :issue:2156
• Type annotations use IO[bytes] and IO[str] instead of BinaryIO and TextIO for wider type compatibility. :issue:2130
• Ad-hoc TLS certs are generated with SAN matching CN. :issue:2158
• Fix memory usage for locals when using Python 3.6 or pre 0.4.17 greenlet versions. :pr:2212
• Fix type annotation in CallbackDict, because it is not utilizing a bound TypeVar. :issue:2235
• Fix setting CSP header options on the response. :pr:2237
• Fix an issue with with the interactive debugger where lines would not expand on click for very long tracebacks. :pr:2239
• The interactive debugger handles displaying an exception that does not have a traceback, such as from ProcessPoolExecutor. :issue:2217

Version 2.0.1

Released 2021-05-17

• Fix type annotation for send_file max_age callable. Don't

... (truncated)

Commits

• 5324795 Merge pull request #2255 from pallets/release-2.0.2
• f1761b2 release version 2.0.2
• 9ecd86f Merge pull request #2248 from kjurka/handle_exception_wo_traceback
• a026095 handle an exception without a traceback
• c7deb75 fix changelog typo
• 41eefbf Merge pull request #2239 from mireq/main
• f408b25 Fixed expand frame exception
• bf4efb7 Merge pull request #2237 from pgjones/csp
• 9ee2b8c fix setting CSP header options
• 33155ce Merge pull request #2253 from pallets/update-requirements
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

Superseded by #532.