Bump werkzeug from 2.2.3 to 2.3.3 in /tagbase_server

[dependabot[bot]]

Bumps werkzeug from 2.2.3 to 2.3.3.

Release notes

Sourced from werkzeug's releases.

2.3.3

This is a fix release for the 2.3.x release branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-3
• Milestone: https://github.com/pallets/werkzeug/milestone/29?closed=1

2.3.2

This is a fix release for the 2.3.x release branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-2
• Milestone: https://github.com/pallets/werkzeug/milestone/28?closed=1

2.3.1

This is a fix release for the 2.3.x release branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-1
• Milestone: https://github.com/pallets/werkzeug/milestone/27?closed=1

2.3.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 2.3.x branch is now the supported fix branch, the 2.2.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-0
• Milestone: https://github.com/pallets/werkzeug/milestone/23?closed=1

Changelog

Sourced from werkzeug's changelog.

Version 2.3.3

Released 2023-05-01

• Fix parsing of large multipart bodies. Remove invalid leading newline, and restore parsing speed. :issue:2658, 2675
• The cookie Path attribute is set to / by default again, to prevent clients from falling back to RFC 6265's default-path behavior. :issue:2672, 2679

Version 2.3.2

Released 2023-04-28

• Parse the cookie Expires attribute correctly in the test client. :issue:2669
• max_content_length can only be enforced on streaming requests if the server sets wsgi.input_terminated. :issue:2668

Version 2.3.1

Released 2023-04-27

• Percent-encode plus (+) when building URLs and in test requests. :issue:2657
• Cookie values don't quote characters defined in RFC 6265. :issue:2659
• Include pyi files for datastructures type annotations. :issue:2660
• Authorization and WWWAuthenticate objects can be compared for equality. :issue:2665

Version 2.3.0

Released 2023-04-25

• Drop support for Python 3.7. :pr:2648
• Remove previously deprecated code. :pr:2592
• Passing bytes where strings are expected is deprecated, as well as the charset and errors parameters in many places. Anywhere that was annotated, documented, or tested to accept bytes shows a warning. Removing this artifact of the transition from Python 2 to 3 removes a significant amount of overhead in instance checks and encoding cycles. In general, always work with UTF-8, the modern HTML, URL, and HTTP standards all strongly recommend this. :issue:2602
• Deprecate the werkzeug.urls module, except for the uri_to_iri and iri_to_uri functions. Use the urllib.parse library instead. :issue:2600
• Update which characters are considered safe when using percent encoding in URLs, based on the WhatWG URL Standard. :issue:2601

... (truncated)

Commits

• 7a33be5 release version 2.3.3
• 07c27a8 Fix the parsing of large multipart bodies (#2678)
• f0a1733 Fix the parsing of large multipart bodies
• 53f571c cookie sets Path=/ everywhere by default again (#2680)
• 9004c05 cookie path=/ default
• 942dab3 start version 2.3.3
• 6c11c11 release version 2.3.2 (#2674)
• 83054c4 release version 2.3.2
• a83b56a update changelogs in docstrings
• 447d4a8 cookie sets Path=/ by default again (#2673)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[lewismc]

Similar to #251 there are conflicting dependencies here as well

The conflict is caused by:
    The user requested werkzeug==2.3.3
    connexion[swagger-ui] 2.14.2 depends on werkzeug<2.3 and >=1.0

[dependabot[bot]]

Superseded by #258.