opendwellers / jujubot

A bot to replace a long-time lost friend on a mattermost server
GNU General Public License v3.0
5 stars 4 forks source link

Bump werkzeug from 0.15.3 to 0.16.0 #12

Closed dependabot[bot] closed 5 years ago

dependabot[bot] commented 5 years ago

Bumps werkzeug from 0.15.3 to 0.16.0.

Release notes *Sourced from [werkzeug's releases](https://github.com/pallets/werkzeug/releases).* > ## 0.16.0 > Most of the top-level attributes in the `werkzeug` module are now deprecated, and will be removed in 1.0.0. > > For example, instead of `import werkzeug; werkzeug.url_quote`, do `from werkzeug.urls import url_quote`. A deprecation warning will show the correct import to use. `werkzeug.exceptions` and `werkzeug.routing` should also be imported instead of accessed, but for technical reasons can’t show a warning. > > * Blog: https://palletsprojects.com/blog/werkzeug-0-16-0-released > * Changelog: https://werkzeug.palletsprojects.com/en/0.16.x/changes/#version-0-16-0 > > ## 0.15.6 > The issue causing the reloader to fail when running from a setuptools entry point (like `flask run`) on Windows has been fixed. > > * Changelog: http://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-6 > > ## 0.15.5 > * Changelog: http://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-5 > > ## 0.15.4 > * Blog: https://palletsprojects.com/blog/werkzeug-0-15-3-released/ > * Changes: https://werkzeug.palletsprojects.com/en/0.15.x/changes/#version-0-15-4
Changelog *Sourced from [werkzeug's changelog](https://github.com/pallets/werkzeug/blob/master/CHANGES.rst).* > Version 0.16.0 > -------------- > > Released 2019-09-19 > > - Deprecate most top-level attributes provided by the ``werkzeug`` > module in favor of direct imports. The deprecated imports will be > removed in version 1.0. > > For example, instead of ``import werkzeug; werkzeug.url_quote``, do > ``from werkzeug.urls import url_quote``. A deprecation warning will > show the correct import to use. ``werkzeug.exceptions`` and > ``werkzeug.routing`` should also be imported instead of accessed, > but for technical reasons can't show a warning. > > :issue:`2`, :pr:`1640` > > > Version 0.15.6 > -------------- > > Released 2019-09-04 > > - Work around a bug in pip that caused the reloader to fail on > Windows when the script was an entry point. This fixes the issue > with Flask's `flask run` command failing with "No module named > Scripts\flask". :issue:`1614` > - ``ProxyFix`` trusts the ``X-Forwarded-Proto`` header by default. > :issue:`1630` > - The deprecated ``num_proxies`` argument to ``ProxyFix`` sets > ``x_for``, ``x_proto``, and ``x_host`` to match 0.14 behavior. This > is intended to make intermediate upgrades less disruptive, but the > argument will still be removed in 1.0. :issue:`1630` > > > Version 0.15.5 > -------------- > > Released 2019-07-17 > > - Fix a ``TypeError`` due to changes to ``ast.Module`` in Python 3.8. > :issue:`1551` > - Fix a C assertion failure in debug builds of some Python 2.7 > releases. :issue:`1553` > - :class:`~exceptions.BadRequestKeyError` adds the ``KeyError`` > message to the description if ``e.show_exception`` is set to > ``True``. This is a more secure default than the original 0.15.0 > behavior and makes it easier to control without losing information. > :pr:`1592` > - Upgrade the debugger to jQuery 3.4.1. :issue:`1581` > ... (truncated)
Commits - [`1aba740`](https://github.com/pallets/werkzeug/commit/1aba7408bbb1118ba86013f3e16585dbd3e56ede) release version 0.16.0 - [`73590e8`](https://github.com/pallets/werkzeug/commit/73590e813b2312c50949e8baa50ee6e040945eb1) fix changelog formatting - [`5b48c2c`](https://github.com/pallets/werkzeug/commit/5b48c2c2c22698be8820fb570c092b2febb4ba7a) Merge pull request [#1643](https://github-redirect.dependabot.com/pallets/werkzeug/issues/1643) from pallets/remove-import-magic - [`5493918`](https://github.com/pallets/werkzeug/commit/54939182e9f207b420fe5f676ac58456e2cad2c8) remove lazy importer, fix circular imports - [`71eab19`](https://github.com/pallets/werkzeug/commit/71eab19be2c83fb476de51275e2f9bdf69d5cc10) release version 0.15.6 - [`ae7b3df`](https://github.com/pallets/werkzeug/commit/ae7b3df56be7834f2df21207fa791930a0dd70e3) Merge pull request [#1636](https://github-redirect.dependabot.com/pallets/werkzeug/issues/1636) from pallets/proxyfix-defaults - [`8da65dd`](https://github.com/pallets/werkzeug/commit/8da65dd9e9ba0f8800c3fbb44ac1fa245424fa5b) ProxyFix.x_proto defaults to 1 - [`04ff062`](https://github.com/pallets/werkzeug/commit/04ff06241c010025d01ed5a7a601aeb4eaa8dc6d) fix deprecated top-level imports - [`ab1b556`](https://github.com/pallets/werkzeug/commit/ab1b55600c314a615ccf36d709aade244cb118f5) Merge pull request [#1627](https://github-redirect.dependabot.com/pallets/werkzeug/issues/1627) from frostming/bugfix/1614 - [`87da8da`](https://github.com/pallets/werkzeug/commit/87da8da23a162f978e552b724006dc3a39246f8b) make reloader workaround more specific - Additional commits viewable in [compare view](https://github.com/pallets/werkzeug/compare/0.15.3...0.16.0)


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot ignore this [patch|minor|major] version` will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/opendwellers/jujubot/network/alerts).