search

aviolaris / instaunfollowers

The World's First Legal Instagram Unfollower Tracker.
https://tinyurl.com/InstaUnFollowers
Other
87 stars 8 forks source link

Bump flask-session from 0.6.0 to 0.7.0 in /app #75

Closed dependabot[bot] closed 7 months ago

dependabot[bot] commented 7 months ago

Bumps flask-session from 0.6.0 to 0.7.0.

Release notes

Sourced from flask-session's releases.

0.7.0

Changelog: https://flask-session.readthedocs.io/en/latest/changes.html#id1

Changelog

Sourced from flask-session's changelog.

0.7.0 - 2024-03-18

Changed

-   Access session interfaces via subfolder, for example ``flask_session.redis.RedisSessionInterface`` (`2bc7df <https://github.com/pallets-eco/flask-session/commit/2bc7df1be7b8929e55cb25f13845caf0503630d8>`_).
-   Deprecate ``pickle`` in favor of ``msgspec``, which is configured with ``SESSION_SERIALIZATION_FORMAT`` to choose between ``'json'`` and ``'msgpack'``. All sessions will convert to msgspec upon first interaction with 0.7.0. Pickle is still available to read existing sessions, but will be removed in 1.0.0. (`c7f8ce <https://github.com/pallets-eco/flask-session/commit/c7f8ced0e1532dea87850d34b3328a3fcb769988>`_, `c7f8ce <https://github.com/pallets-eco/flask-session/commit/c7f8ced0e1532dea87850d34b3328a3fcb769988>`_)
-   Deprecate ``SESSION_USE_SIGNER`` (`a5dba7 <https://github.com/pallets-eco/flask-session/commit/a5dba7022f806c8fb4412d0428b69dd4a077e4a7>`_).
-   Deprecate :class:`flask_session.filesystem.FileSystemSessionInterface` in favor of the broader :class:`flask_session.cachelib.CacheLibSessionInterface` (`2bc7df <https://github.com/pallets-eco/flask-session/commit/2bc7df1be7b8929e55cb25f13845caf0503630d8>`_).

Added


-   All sessions that are accessed or modified while using 0.7.0 will convert to msgspec. Once using 1.0.0, any sessions that are still in pickle will be cleared upon access.
-   Add time-to-live expiration for MongoDB (`9acee3 &lt;https://github.com/pallets-eco/flask-session/commit/9acee3c5fb7072476f3feea923529d19d5e855c3&gt;`_).
-   Add retry for SQL based storage (`[#211](https://github.com/pallets-eco/flask-session/issues/211) &lt;https://github.com/pallets-eco/flask-session/pull/211&gt;`_).
-   Add ``flask session_cleanup`` command and alternatively, ``SESSION_CLEANUP_N_REQUESTS`` for SQLAlchemy or future non-TTL backends (`[#211](https://github.com/pallets-eco/flask-session/issues/211) &lt;https://github.com/pallets-eco/flask-session/pull/211&gt;`_).
-   Add type hints (`7d7d58 &lt;https://github.com/pallets-eco/flask-session/commit/7d7d58ce371553da39095a421445cf639a62bd5f&gt;`_).
-   Add logo and additional documentation.
-   Add vary cookie header when session modified or accessed as per flask's built-in session (`7ab698 &lt;https://github.com/pallets-eco/flask-session/commit/7ab6980c8ba15912df13dd1e78242803e8104dd6&gt;`_).
-   Add regenerate method to session interface to mitigate fixation (`[#27](https://github.com/pallets-eco/flask-session/issues/27) &lt;https://github.com/pallets-eco/flask-session/pull/27&gt;`_, `[#39](https://github.com/pallets-eco/flask-session/issues/39) &lt;https://github.com/pallets-eco/flask-session/issues/39&gt;`_)(`80df63 &lt;https://github.com/pallets-eco/flask-session/commit/80df635ffd466fa7798f6031be5469b4d5dae069&gt;`_).

Removed
</code></pre>
<ul>
<li>Remove null session in favour of relevant exception messages (<code>[#107](https://github.com/pallets-eco/flask-session/issues/107) &lt;https://github.com/pallets-eco/flask-session/issues/107&gt;</code><em>, <code>[#182](https://github.com/pallets-eco/flask-session/issues/182) &lt;https://github.com/pallets-eco/flask-session/issues/182&gt;</code></em>)(<code>d7ed1c &lt;https://github.com/pallets-eco/flask-session/commit/d7ed1c6e7eb3904888b72f0d6c006db1b9b60795&gt;</code>_).</li>
<li>Drop support for Python 3.7 which is end-of-life and precludes use of msgspec (<code>bd7e5b &lt;https://github.com/pallets-eco/flask-session/commit/bd7e5b0bbfc10cdfa9c83b859593c69cc4381571&gt;</code>_).</li>
</ul>
<p>Fixed</p>
<pre><code>-   Prevent session identifier reuse on storage miss (`[#76](https://github.com/pallets-eco/flask-session/issues/76) &lt;https://github.com/pallets-eco/flask-session/pull/76&gt;`_).
-   Abstraction to improve consistency between backends.
-   Enforce ``PERMANENT_SESSION_LIFETIME`` as expiration consistently for all backends (`[#81](https://github.com/pallets-eco/flask-session/issues/81) &lt;https://github.com/pallets-eco/flask-session/issues/81&gt;`_)(`86895b &lt;https://github.com/pallets-eco/flask-session/commit/86895b523203ca67c9f87416bdbf028852dcb357&gt;`_).
-   Specifically include backend session interfaces in public API and document usage (`[#210](https://github.com/pallets-eco/flask-session/issues/210) &lt;https://github.com/pallets-eco/flask-session/issues/210&gt;`_).
-   Fix non-permanent sessions not updating expiry (`[#221](https://github.com/pallets-eco/flask-session/issues/221) &lt;https://github.com/pallets-eco/flask-session/issues/221&gt;`_).
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>

<ul>
<li>See full diff in <a href="https://github.com/pallets-eco/flask-session/commits/0.7.0">compare view</a></li>
</ul>
</details>

<br />



[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=flask-session&package-manager=pip&previous-version=0.6.0&new-version=0.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---



Dependabot commands and options



You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show  ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)