christopherpickering / flask-session2

Server side session extension for Flask
Other
35 stars 8 forks source link

fix(deps) Update dependency Flask to v3 #90

Open renovate[bot] opened 1 year ago

renovate[bot] commented 1 year ago

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
Flask (changelog) ^2.2.2 -> ^3.0.0 age adoption passing confidence

Release Notes

pallets/flask (Flask) ### [`v3.0.3`](https://redirect.github.com/pallets/flask/blob/HEAD/CHANGES.rst#Version-303) [Compare Source](https://redirect.github.com/pallets/flask/compare/3.0.2...3.0.3) Released 2024-04-07 - The default `hashlib.sha1` may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default. :issue:`5448` - Don't initialize the `cli` attribute in the sansio scaffold, but rather in the `Flask` concrete class. :pr:`5270` ### [`v3.0.2`](https://redirect.github.com/pallets/flask/blob/HEAD/CHANGES.rst#Version-302) [Compare Source](https://redirect.github.com/pallets/flask/compare/3.0.1...3.0.2) Released 2024-02-03 - Correct type for `jinja_loader` property. :issue:`5388` - Fix error with `--extra-files` and `--exclude-patterns` CLI options. :issue:`5391` ### [`v3.0.1`](https://redirect.github.com/pallets/flask/blob/HEAD/CHANGES.rst#Version-301) [Compare Source](https://redirect.github.com/pallets/flask/compare/3.0.0...3.0.1) Released 2024-01-18 - Correct type for `path` argument to `send_file`. :issue:`5230` - Fix a typo in an error message for the `flask run --key` option. :pr:`5344` - Session data is untagged without relying on the built-in `json.loads` `object_hook`. This allows other JSON providers that don't implement that. :issue:`5381` - Address more type findings when using mypy strict mode. :pr:`5383` ### [`v3.0.0`](https://redirect.github.com/pallets/flask/blob/HEAD/CHANGES.rst#Version-300) [Compare Source](https://redirect.github.com/pallets/flask/compare/2.3.3...3.0.0) Released 2023-09-30 - Remove previously deprecated code. :pr:`5223` - Deprecate the `__version__` attribute. Use feature detection, or `importlib.metadata.version("flask")`, instead. :issue:`5230` - Restructure the code such that the Flask (app) and Blueprint classes have Sans-IO bases. :pr:`5127` - Allow self as an argument to url_for. :pr:`5264` - Require Werkzeug >= 3.0.0. ### [`v2.3.3`](https://redirect.github.com/pallets/flask/blob/HEAD/CHANGES.rst#Version-233) [Compare Source](https://redirect.github.com/pallets/flask/compare/2.3.2...2.3.3) Released 2023-08-21 - Python 3.12 compatibility. - Require Werkzeug >= 2.3.7. - Use `flit_core` instead of `setuptools` as build backend. - Refactor how an app's root and instance paths are determined. :issue:`5160` ### [`v2.3.2`](https://redirect.github.com/pallets/flask/blob/HEAD/CHANGES.rst#Version-232) [Compare Source](https://redirect.github.com/pallets/flask/compare/2.3.1...2.3.2) Released 2023-05-01 - Set `Vary: Cookie` header when the session is accessed, modified, or refreshed. - Update Werkzeug requirement to >=2.3.3 to apply recent bug fixes. ### [`v2.3.1`](https://redirect.github.com/pallets/flask/blob/HEAD/CHANGES.rst#Version-231) [Compare Source](https://redirect.github.com/pallets/flask/compare/2.3.0...2.3.1) Released 2023-04-25 - Restore deprecated `from flask import Markup`. :issue:`5084` ### [`v2.3.0`](https://redirect.github.com/pallets/flask/blob/HEAD/CHANGES.rst#Version-230) [Compare Source](https://redirect.github.com/pallets/flask/compare/2.2.5...2.3.0) Released 2023-04-25 - Drop support for Python 3.7. :pr:`5072` - Update minimum requirements to the latest versions: Werkzeug>=2.3.0, Jinja2>3.1.2, itsdangerous>=2.1.2, click>=8.1.3. - Remove previously deprecated code. :pr:`4995` - The `push` and `pop` methods of the deprecated `_app_ctx_stack` and `_request_ctx_stack` objects are removed. `top` still exists to give extensions more time to update, but it will be removed. - The `FLASK_ENV` environment variable, `ENV` config key, and `app.env` property are removed. - The `session_cookie_name`, `send_file_max_age_default`, `use_x_sendfile`, `propagate_exceptions`, and `templates_auto_reload` properties on `app` are removed. - The `JSON_AS_ASCII`, `JSON_SORT_KEYS`, `JSONIFY_MIMETYPE`, and `JSONIFY_PRETTYPRINT_REGULAR` config keys are removed. - The `app.before_first_request` and `bp.before_app_first_request` decorators are removed. - `json_encoder` and `json_decoder` attributes on app and blueprint, and the corresponding `json.JSONEncoder` and `JSONDecoder` classes, are removed. - The `json.htmlsafe_dumps` and `htmlsafe_dump` functions are removed. - Calling setup methods on blueprints after registration is an error instead of a warning. :pr:`4997` - Importing `escape` and `Markup` from `flask` is deprecated. Import them directly from `markupsafe` instead. :pr:`4996` - The `app.got_first_request` property is deprecated. :pr:`4997` - The `locked_cached_property` decorator is deprecated. Use a lock inside the decorated function if locking is needed. :issue:`4993` - Signals are always available. `blinker>=1.6.2` is a required dependency. The `signals_available` attribute is deprecated. :issue:`5056` - Signals support `async` subscriber functions. :pr:`5049` - Remove uses of locks that could cause requests to block each other very briefly. :issue:`4993` - Use modern packaging metadata with `pyproject.toml` instead of `setup.cfg`. :pr:`4947` - Ensure subdomains are applied with nested blueprints. :issue:`4834` - `config.from_file` can use `text=False` to indicate that the parser wants a binary file instead. :issue:`4989` - If a blueprint is created with an empty name it raises a `ValueError`. :issue:`5010` - `SESSION_COOKIE_DOMAIN` does not fall back to `SERVER_NAME`. The default is not to set the domain, which modern browsers interpret as an exact match rather than a subdomain match. Warnings about `localhost` and IP addresses are also removed. :issue:`5051` - The `routes` command shows each rule's `subdomain` or `host` when domain matching is in use. :issue:`5004` - Use postponed evaluation of annotations. :pr:`5071`

Configuration

📅 Schedule: Branch creation - "before 10pm on Sunday" in timezone America/Chicago, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.



This PR was generated by Mend Renovate. View the repository job log.

renovate[bot] commented 1 year ago

⚠ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

The artifact failure details are included below:

File name: poetry.lock
Updating dependencies
Resolving dependencies...

The current project's Python requirement (>=3.7.2,<4.0.0) is not compatible with some of the required packages Python requirement:
  - flask requires Python >=3.8, so it will not be satisfied for Python >=3.7.2,<3.8
  - flask requires Python >=3.8, so it will not be satisfied for Python >=3.7.2,<3.8

Because no versions of flask match >3.0.0,<3.0.1 || >3.0.1,<4.0.0
 and flask (3.0.0) requires Python >=3.8, flask is forbidden.
So, because flask (3.0.1) requires Python >=3.8
 and flask-session2 depends on Flask (^3.0.0), version solving failed.

  • Check your dependencies Python requirement: The Python requirement can be specified via the `python` or `markers` properties

    For flask, a possible solution would be to set the `python` property to ">=3.8,<4.0.0"
    For flask, a possible solution would be to set the `python` property to ">=3.8,<4.0.0"

    https://python-poetry.org/docs/dependency-specification/#python-restricted-dependencies,
    https://python-poetry.org/docs/dependency-specification/#using-environment-markers
dmtzs commented 1 year ago

@christopherpickering , can we merge this PR? I need this library for flask 3.0.0, also dont know if should be necessary to correct some of the checks before merging? also some of the fails are because of the limit in flask version

renovate[bot] commented 3 months ago

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

The artifact failure details are included below:

File name: poetry.lock
Updating dependencies
Resolving dependencies...

The current project's Python requirement (>=3.7.2,<4.0.0) is not compatible with some of the required packages Python requirement:
  - flask requires Python >=3.8, so it will not be satisfied for Python >=3.7.2,<3.8
  - flask requires Python >=3.8, so it will not be satisfied for Python >=3.7.2,<3.8
  - flask requires Python >=3.8, so it will not be satisfied for Python >=3.7.2,<3.8
  - flask requires Python >=3.8, so it will not be satisfied for Python >=3.7.2,<3.8

Because no versions of flask match >3.0.0,<3.0.1 || >3.0.1,<3.0.2 || >3.0.2,<3.0.3 || >3.0.3,<4.0.0
 and flask (3.0.0) requires Python >=3.8, flask is forbidden.
And because flask (3.0.1) requires Python >=3.8
 and flask (3.0.2) requires Python >=3.8, flask is forbidden.
So, because flask (3.0.3) requires Python >=3.8
 and flask-session2 depends on Flask (^3.0.0), version solving failed.

  • Check your dependencies Python requirement: The Python requirement can be specified via the `python` or `markers` properties

    For flask, a possible solution would be to set the `python` property to ">=3.8,<4.0.0"
    For flask, a possible solution would be to set the `python` property to ">=3.8,<4.0.0"
    For flask, a possible solution would be to set the `python` property to ">=3.8,<4.0.0"
    For flask, a possible solution would be to set the `python` property to ">=3.8,<4.0.0"

    https://python-poetry.org/docs/dependency-specification/#python-restricted-dependencies,
    https://python-poetry.org/docs/dependency-specification/#using-environment-markers