Follow our blog, Twitter, or GitHub to see future announcements.
This represents a significant amount of work, and there are quite a few changes. Be sure to carefully read the changelog, and use tools such as pip-compile and Dependabot to pin your dependencies and control your updates.
Bump minimum versions of other Pallets projects: Werkzeug >= 2,
Jinja2 >= 3, MarkupSafe >= 2, ItsDangerous >= 2, Click >= 8. Be sure
to check the change logs for each project. For better compatibility
with other applications (e.g. Celery) that still require Click 7,
there is no hard dependency on Click 8 yet, but using Click 7 will
trigger a DeprecationWarning and Flask 2.1 will depend on Click 8.
JSON support no longer uses simplejson. To use another JSON module,
override app.json_encoder and json_decoder. :issue:3555
The encoding option to JSON functions is deprecated. :pr:3562
Passing script_info to app factory functions is deprecated. This
was not portable outside the flask command. Use
click.get_current_context().obj if it's needed. :issue:3552
The CLI shows better error messages when the app failed to load
when looking up commands. :issue:2741
Add :meth:sessions.SessionInterface.get_cookie_name to allow
setting the session cookie name dynamically. :pr:3369
Add :meth:Config.from_file to load config using arbitrary file
loaders, such as toml.load or json.load.
:meth:Config.from_json is deprecated in favor of this. :pr:3398
The flask run command will only defer errors on reload. Errors
present during the initial call will cause the server to exit with
the traceback immediately. :issue:3431
:func:send_file raises a :exc:ValueError when passed an
:mod:io object in text mode. Previously, it would respond with
200 OK and an empty file. :issue:3358
When using ad-hoc certificates, check for the cryptography library
instead of PyOpenSSL. :pr:3492
When specifying a factory function with FLASK_APP, keyword
argument can be passed. :issue:3553
When loading a .env or .flaskenv file, the current working
directory is no longer changed to the location of the file.
:pr:3560
When returning a (response, headers) tuple from a view, the
headers replace rather than extend existing headers on the response.
For example, this allows setting the Content-Type for
jsonify(). Use response.headers.extend() if extending is
desired. :issue:3628
The Scaffold class provides a common API for the Flask and
Blueprint classes. Blueprint information is stored in
attributes just like Flask, rather than opaque lambda functions.
This is intended to improve consistency and maintainability.
:issue:3215
Include samesite and secure options when removing the
session cookie. :pr:3726
... (truncated)
Commits
2f0c62f Merge pull request #4007 from pallets/release-2.0.0
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot]
commented
3 years ago
Bumps flask from 1.1.2 to 2.0.0.
Release notes
Sourced from flask's releases.
Changelog
Sourced from flask's changelog.
... (truncated)
Commits
2f0c62fMerge pull request #4007 from pallets/release-2.0.0f8e63d3release version 2.0.01403d35update type annotations3a5532bupdate pallets projects minimum versionsf8f0cafupdate requirements9c1e7f6Merge pull request #4005 from pallets/pre-commit-ci-schedule8b72f6aupdate pre-commit monthly28262c3Merge pull request #3999 from greyli/improve-cli-docs531671cImprove the wording of using FLASK_APP2c88e8aMerge pull request #4003 from pallets/autodoc-typehintsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)