search

singingwolfboy / flask-dance

Doing the OAuth dance with style using Flask, requests, and oauthlib.
https://pypi.python.org/pypi/Flask-Dance/
MIT License
1.01k stars 158 forks source link

Update werkzeug requirement from <2.1 to <2.2 #379

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Updates the requirements on werkzeug to permit the latest version.

Release notes

Sourced from werkzeug's releases.

2.1.1

This is a fix release for the 2.1.0 feature release.

Changelog

Sourced from werkzeug's changelog.

Version 2.1.1

Released 2022-04-01

  • ResponseCacheControl.s_maxage converts its value to an int, like max_age. :issue:2364

Version 2.1.0

Released 2022-03-28

  • Drop support for Python 3.6. :pr:2277

  • Using gevent or eventlet requires greenlet>=1.0 or PyPy>=7.3.7. werkzeug.locals and contextvars will not work correctly with older versions. :pr:2278

  • Remove previously deprecated code. :pr:2276

    • Remove the non-standard shutdown function from the WSGI environ when running the development server. See the docs for alternatives.
    • Request and response mixins have all been merged into the Request and Response classes.
    • The user agent parser and the useragents module is removed. The user_agent module provides an interface that can be subclassed to add a parser, such as ua-parser. By default it only stores the whole string.
    • The test client returns TestResponse instances and can no longer be treated as a tuple. All data is available as properties on the response.
    • Remove locals.get_ident and related thread-local code from locals, it no longer makes sense when moving to a contextvars-based implementation.
    • Remove the python -m werkzeug.serving CLI.
    • The has_key method on some mapping datastructures; use key in data instead.
    • Request.disable_data_descriptor is removed, pass shallow=True instead.
    • Remove the no_etag parameter from Response.freeze().
    • Remove the HTTPException.wrap class method.
    • Remove the cookie_date function. Use http_date instead.
    • Remove the pbkdf2_hex, pbkdf2_bin, and safe_str_cmp functions. Use equivalents in hashlib and hmac modules instead.
    • Remove the Href class.
    • Remove the HTMLBuilder class.
    • Remove the invalidate_cached_property function. Use del obj.attr instead.

... (truncated)

Commits
  • 1bfd5de Merge pull request #2369 from pallets/release-2.1.1
  • ae7ca14 release version 2.1.1
  • ae18aca Merge pull request #2365 from Yourun-proger/cache_bug
  • 74948bc s_maxage converts to an int
  • 2b05281 start version 2.1.1
  • 294de75 Merge pull request #2358 from pallets/release-2.1.0
  • 67b108c release version 2.1.0
  • dae7e0d Merge pull request #2357 from pallets/parse_options_header-multiple
  • 2ffa7c1 deprecate parse_options_header multiple parameter
  • 560dd5f Merge pull request #2356 from spaceone/fix-typos-in-docstrings
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
codecov[bot] commented 2 years ago

Codecov Report

Merging #379 (41dfffc) into main (84fa440) will not change coverage. The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #379   +/-   ##
=======================================
  Coverage   93.87%   93.87%           
=======================================
  Files          35       35           
  Lines        1077     1077           
=======================================
  Hits         1011     1011           
  Misses         66       66

Continue to review full report at Codecov.

Legend - Click here to learn more Δ = absolute <relative> (impact), ø = not affected, ? = missing data Powered by Codecov. Last update 84fa440...41dfffc. Read the comment docs.

dependabot[bot] commented 2 years ago

Looks like werkzeug is up-to-date now, so this is no longer needed.