Type annotation for Response.make_conditional,
HTTPException.get_response, and Map.bind_to_environ accepts
Request in addition to WSGIEnvironment for the first
parameter. :pr:2290
Fix type annotation for Request.user_agent_class. :issue:2273
Accessing LocalProxy.__class__ and __doc__ on an unbound
proxy returns the fallback value instead of a method object.
:issue:2188
Redirects with the test client set RAW_URI and REQUEST_URI
correctly. :issue:2151
Version 2.0.2
Released 2021-10-05
Handle multiple tokens in Connection header when routing
WebSocket requests. :issue:2131
Set the debugger pin cookie secure flag when on https. :pr:2150
Fix type annotation for MultiDict.update to accept iterable
values :pr:2142
Prevent double encoding of redirect URL when merge_slash=True
for Rule.match. :issue:2157
CombinedMultiDict.to_dict with flat=False considers all
component dicts when building value lists. :issue:2189
send_file only sets a detected Content-Encoding if
as_attachment is disabled to avoid browsers saving
decompressed .tar.gz files. :issue:2149
Fix type annotations for TypeConversionDict.get to not return an
Optional value if both default and type are not
None. :issue:2169
Fix type annotation for routing rule factories to accept
Iterable[RuleFactory] instead of Iterable[Rule] for the
rules parameter. :issue:2183
Add missing type annotation for FileStorage.__getattr__
:issue:2155
The debugger pin cookie is set with SameSite set to Strict
instead of None to be compatible with modern browser security.
:issue:2156
Type annotations use IO[bytes] and IO[str] instead of
BinaryIO and TextIO for wider type compatibility.
:issue:2130
Ad-hoc TLS certs are generated with SAN matching CN. :issue:2158
... (truncated)
Commits
38e655e Merge pull request #2336 from pallets/release-2.0.3
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
A newer version of werkzeug exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.
Bumps werkzeug from 2.0.1 to 2.0.3.
Release notes
Sourced from werkzeug's releases.
Changelog
Sourced from werkzeug's changelog.
... (truncated)
Commits
38e655e
Merge pull request #2336 from pallets/release-2.0.3e8294d3
release version 2.0.30bee9ae
Merge pull request #2334 from pallets/update-requirements98c058a
stop using dependabot for python, too noisy8ec5682
cache pip with setup-python action63d8364
use pip-compile-multi for requirements79c6c95
update pre-commit6093ea9
Merge pull request #2318 from Yourun-proger/fix_collect087372e
tell pytest to skip collecting TestResponse8058303
Merge pull request #2152 from mrcljx/fix-redirectDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)