Release notes
*Sourced from [werkzeug's releases](https://github.com/pallets/werkzeug/releases).*
> ## 0.16.0
> Most of the top-level attributes in the `werkzeug` module are now deprecated, and will be removed in 1.0.0.
>
> For example, instead of `import werkzeug; werkzeug.url_quote`, do `from werkzeug.urls import url_quote`. A deprecation warning will show the correct import to use. `werkzeug.exceptions` and `werkzeug.routing` should also be imported instead of accessed, but for technical reasons can’t show a warning.
>
> * Blog: https://palletsprojects.com/blog/werkzeug-0-16-0-released
> * Changelog: https://werkzeug.palletsprojects.com/en/0.16.x/changes/#version-0-16-0
>
> ## 0.15.6
> The issue causing the reloader to fail when running from a setuptools entry point (like `flask run`) on Windows has been fixed.
>
> * Changelog: http://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-6
>
> ## 0.15.5
> * Changelog: http://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-5
>
> ## 0.15.4
> * Blog: https://palletsprojects.com/blog/werkzeug-0-15-3-released/
> * Changes: https://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-4
Changelog
*Sourced from [werkzeug's changelog](https://github.com/pallets/werkzeug/blob/master/CHANGES.rst).*
> Version 0.16.0
> --------------
>
> Released 2019-09-19
>
> - Deprecate most top-level attributes provided by the ``werkzeug``
> module in favor of direct imports. The deprecated imports will be
> removed in version 1.0.
>
> For example, instead of ``import werkzeug; werkzeug.url_quote``, do
> ``from werkzeug.urls import url_quote``. A deprecation warning will
> show the correct import to use. ``werkzeug.exceptions`` and
> ``werkzeug.routing`` should also be imported instead of accessed,
> but for technical reasons can't show a warning.
>
> :issue:`2`, :pr:`1640`
>
>
> Version 0.15.6
> --------------
>
> Released 2019-09-04
>
> - Work around a bug in pip that caused the reloader to fail on
> Windows when the script was an entry point. This fixes the issue
> with Flask's `flask run` command failing with "No module named
> Scripts\flask". :issue:`1614`
> - ``ProxyFix`` trusts the ``X-Forwarded-Proto`` header by default.
> :issue:`1630`
> - The deprecated ``num_proxies`` argument to ``ProxyFix`` sets
> ``x_for``, ``x_proto``, and ``x_host`` to match 0.14 behavior. This
> is intended to make intermediate upgrades less disruptive, but the
> argument will still be removed in 1.0. :issue:`1630`
>
>
> Version 0.15.5
> --------------
>
> Released 2019-07-17
>
> - Fix a ``TypeError`` due to changes to ``ast.Module`` in Python 3.8.
> :issue:`1551`
> - Fix a C assertion failure in debug builds of some Python 2.7
> releases. :issue:`1553`
> - :class:`~exceptions.BadRequestKeyError` adds the ``KeyError``
> message to the description if ``e.show_exception`` is set to
> ``True``. This is a more secure default than the original 0.15.0
> behavior and makes it easier to control without losing information.
> :pr:`1592`
> - Upgrade the debugger to jQuery 3.4.1. :issue:`1581`
> ... (truncated)
Commits
- [`1aba740`](https://github.com/pallets/werkzeug/commit/1aba7408bbb1118ba86013f3e16585dbd3e56ede) release version 0.16.0
- [`73590e8`](https://github.com/pallets/werkzeug/commit/73590e813b2312c50949e8baa50ee6e040945eb1) fix changelog formatting
- [`5b48c2c`](https://github.com/pallets/werkzeug/commit/5b48c2c2c22698be8820fb570c092b2febb4ba7a) Merge pull request [#1643](https://github-redirect.dependabot.com/pallets/werkzeug/issues/1643) from pallets/remove-import-magic
- [`5493918`](https://github.com/pallets/werkzeug/commit/54939182e9f207b420fe5f676ac58456e2cad2c8) remove lazy importer, fix circular imports
- [`71eab19`](https://github.com/pallets/werkzeug/commit/71eab19be2c83fb476de51275e2f9bdf69d5cc10) release version 0.15.6
- [`ae7b3df`](https://github.com/pallets/werkzeug/commit/ae7b3df56be7834f2df21207fa791930a0dd70e3) Merge pull request [#1636](https://github-redirect.dependabot.com/pallets/werkzeug/issues/1636) from pallets/proxyfix-defaults
- [`8da65dd`](https://github.com/pallets/werkzeug/commit/8da65dd9e9ba0f8800c3fbb44ac1fa245424fa5b) ProxyFix.x_proto defaults to 1
- [`04ff062`](https://github.com/pallets/werkzeug/commit/04ff06241c010025d01ed5a7a601aeb4eaa8dc6d) fix deprecated top-level imports
- [`ab1b556`](https://github.com/pallets/werkzeug/commit/ab1b55600c314a615ccf36d709aade244cb118f5) Merge pull request [#1627](https://github-redirect.dependabot.com/pallets/werkzeug/issues/1627) from frostming/bugfix/1614
- [`87da8da`](https://github.com/pallets/werkzeug/commit/87da8da23a162f978e552b724006dc3a39246f8b) make reloader workaround more specific
- Additional commits viewable in [compare view](https://github.com/pallets/werkzeug/compare/0.15.3...0.16.0)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/nwfsc-fram/warehouse/network/alerts).
Bumps werkzeug from 0.15.3 to 0.16.0.
Release notes
*Sourced from [werkzeug's releases](https://github.com/pallets/werkzeug/releases).* > ## 0.16.0 > Most of the top-level attributes in the `werkzeug` module are now deprecated, and will be removed in 1.0.0. > > For example, instead of `import werkzeug; werkzeug.url_quote`, do `from werkzeug.urls import url_quote`. A deprecation warning will show the correct import to use. `werkzeug.exceptions` and `werkzeug.routing` should also be imported instead of accessed, but for technical reasons can’t show a warning. > > * Blog: https://palletsprojects.com/blog/werkzeug-0-16-0-released > * Changelog: https://werkzeug.palletsprojects.com/en/0.16.x/changes/#version-0-16-0 > > ## 0.15.6 > The issue causing the reloader to fail when running from a setuptools entry point (like `flask run`) on Windows has been fixed. > > * Changelog: http://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-6 > > ## 0.15.5 > * Changelog: http://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-5 > > ## 0.15.4 > * Blog: https://palletsprojects.com/blog/werkzeug-0-15-3-released/ > * Changes: https://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-4Changelog
*Sourced from [werkzeug's changelog](https://github.com/pallets/werkzeug/blob/master/CHANGES.rst).* > Version 0.16.0 > -------------- > > Released 2019-09-19 > > - Deprecate most top-level attributes provided by the ``werkzeug`` > module in favor of direct imports. The deprecated imports will be > removed in version 1.0. > > For example, instead of ``import werkzeug; werkzeug.url_quote``, do > ``from werkzeug.urls import url_quote``. A deprecation warning will > show the correct import to use. ``werkzeug.exceptions`` and > ``werkzeug.routing`` should also be imported instead of accessed, > but for technical reasons can't show a warning. > > :issue:`2`, :pr:`1640` > > > Version 0.15.6 > -------------- > > Released 2019-09-04 > > - Work around a bug in pip that caused the reloader to fail on > Windows when the script was an entry point. This fixes the issue > with Flask's `flask run` command failing with "No module named > Scripts\flask". :issue:`1614` > - ``ProxyFix`` trusts the ``X-Forwarded-Proto`` header by default. > :issue:`1630` > - The deprecated ``num_proxies`` argument to ``ProxyFix`` sets > ``x_for``, ``x_proto``, and ``x_host`` to match 0.14 behavior. This > is intended to make intermediate upgrades less disruptive, but the > argument will still be removed in 1.0. :issue:`1630` > > > Version 0.15.5 > -------------- > > Released 2019-07-17 > > - Fix a ``TypeError`` due to changes to ``ast.Module`` in Python 3.8. > :issue:`1551` > - Fix a C assertion failure in debug builds of some Python 2.7 > releases. :issue:`1553` > - :class:`~exceptions.BadRequestKeyError` adds the ``KeyError`` > message to the description if ``e.show_exception`` is set to > ``True``. This is a more secure default than the original 0.15.0 > behavior and makes it easier to control without losing information. > :pr:`1592` > - Upgrade the debugger to jQuery 3.4.1. :issue:`1581` > ... (truncated)Commits
- [`1aba740`](https://github.com/pallets/werkzeug/commit/1aba7408bbb1118ba86013f3e16585dbd3e56ede) release version 0.16.0 - [`73590e8`](https://github.com/pallets/werkzeug/commit/73590e813b2312c50949e8baa50ee6e040945eb1) fix changelog formatting - [`5b48c2c`](https://github.com/pallets/werkzeug/commit/5b48c2c2c22698be8820fb570c092b2febb4ba7a) Merge pull request [#1643](https://github-redirect.dependabot.com/pallets/werkzeug/issues/1643) from pallets/remove-import-magic - [`5493918`](https://github.com/pallets/werkzeug/commit/54939182e9f207b420fe5f676ac58456e2cad2c8) remove lazy importer, fix circular imports - [`71eab19`](https://github.com/pallets/werkzeug/commit/71eab19be2c83fb476de51275e2f9bdf69d5cc10) release version 0.15.6 - [`ae7b3df`](https://github.com/pallets/werkzeug/commit/ae7b3df56be7834f2df21207fa791930a0dd70e3) Merge pull request [#1636](https://github-redirect.dependabot.com/pallets/werkzeug/issues/1636) from pallets/proxyfix-defaults - [`8da65dd`](https://github.com/pallets/werkzeug/commit/8da65dd9e9ba0f8800c3fbb44ac1fa245424fa5b) ProxyFix.x_proto defaults to 1 - [`04ff062`](https://github.com/pallets/werkzeug/commit/04ff06241c010025d01ed5a7a601aeb4eaa8dc6d) fix deprecated top-level imports - [`ab1b556`](https://github.com/pallets/werkzeug/commit/ab1b55600c314a615ccf36d709aade244cb118f5) Merge pull request [#1627](https://github-redirect.dependabot.com/pallets/werkzeug/issues/1627) from frostming/bugfix/1614 - [`87da8da`](https://github.com/pallets/werkzeug/commit/87da8da23a162f978e552b724006dc3a39246f8b) make reloader workaround more specific - Additional commits viewable in [compare view](https://github.com/pallets/werkzeug/compare/0.15.3...0.16.0)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/nwfsc-fram/warehouse/network/alerts).