Bump werkzeug from 2.3.2 to 2.3.6

[dependabot[bot]]

Bumps werkzeug from 2.3.2 to 2.3.6.

Release notes

Sourced from werkzeug's releases.

2.3.6

This is a fix release for the 2.3.x feature branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-6
• Milestone: https://github.com/pallets/werkzeug/milestone/32?closed=1

2.3.5

This is a fix release for the 2.3.x feature branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-5
• Milestone: https://github.com/pallets/werkzeug/milestone/31?closed=1

2.3.4

This is a fix release for the 2.3.x release branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-4
• Milestone: https://github.com/pallets/werkzeug/milestone/30?closed=1

2.3.3

This is a fix release for the 2.3.x release branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-3
• Milestone: https://github.com/pallets/werkzeug/milestone/29?closed=1

Changelog

Sourced from werkzeug's changelog.

Version 2.3.6

Released 2023-06-08

• FileStorage.content_length does not fail if the form data did not provide a value. :issue:2726

Version 2.3.5

Released 2023-06-07

• Python 3.12 compatibility. :issue:2704
• Fix handling of invalid base64 values in Authorization.from_header. :issue:2717
• The debugger escapes the exception message in the page title. :pr:2719
• When binding routing.Map, a long IDNA server_name with a port does not fail encoding. :issue:2700
• iri_to_uri shows a deprecation warning instead of an error when passing bytes. :issue:2708
• When parsing numbers in HTTP request headers such as Content-Length, only ASCII digits are accepted rather than any format that Python's int and float accept. :issue:2716

Version 2.3.4

Released 2023-05-08

• Authorization.from_header and WWWAuthenticate.from_header detects tokens that end with base64 padding (=). :issue:2685
• Remove usage of warnings.catch_warnings. :issue:2690
• Remove max_form_parts restriction from standard form data parsing and only use if for multipart content. :pr:2694
• Response will avoid converting the Location header in some cases to preserve invalid URL schemes like itms-services. :issue:2691

Version 2.3.3

Released 2023-05-01

• Fix parsing of large multipart bodies. Remove invalid leading newline, and restore parsing speed. :issue:2658, 2675
• The cookie Path attribute is set to / by default again, to prevent clients from falling back to RFC 6265's default-path behavior. :issue:2672, 2679

Commits

• c6f3c2a release version 2.3.6
• f91304f remove docs links from docstrings
• bb24506 FileStorage.content_length does not fail if no length was provided (#2727)
• a184111 fix parsing error in FileStorage.content_length
• 3a8de8d start version 2.3.6
• 62b7ed6 release version 2.3.5 (#2724)
• 2c9b513 release version 2.3.5
• 86c5c78 fail on Python's extended int/float syntax (#2723)
• 6290332 fail on Python's extended int/float syntax
• 1892c10 show warning instead of error when passing bytes to iri_to_uri (#2709)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.