search

wooyek / flask-social-blueprint

An OAuth based authentication blueprint for flask. Easy to extend and override.
MIT License
83 stars 29 forks source link

Update jinja2 to 2.9.3 #55

Closed pyup-bot closed 7 years ago

pyup-bot commented 7 years ago

There's a new version of Jinja2 available. You are currently using 2.8. I have updated it to 2.9.3

These links might come in handy: PyPI | Changelog | Homepage

Changelog

2.9.3

(bugfix release, released on January 8th 2017)

  • Restored the use of blocks in macros to the extend that was possible before. On Python 3 it would render a generator repr instead of the block contents. (645)
  • Set a consistent behavior for assigning of variables in inner scopes when the variable is also read from an outer scope. This now sets the intended behavior in all situations however it does not restore the old behavior where limited assignments to outer scopes was possible. For more information and a discussion see 641
  • Resolved an issue where block scoped would not take advantage of the new scoping rules. In some more exotic cases a variable overriden in a local scope would not make it into a block.
  • Change the code generation of the with statement to be in line with the new scoping rules. This resolves some unlikely bugs in edge cases. This also introduces a new internal With node that can be used by extensions.

2.9.2

(bugfix release, released on January 8th 2017)

  • Fixed a regression that caused for loops to not be able to use the same variable for the target as well as source iterator. (640)
  • Add support for a previously unknown behavior of macros. It used to be possible in some circumstances to explicitly provide a caller argument to macros. While badly buggy and unintended it turns out that this is a common case that gets copy pasted around. To not completely break backwards compatibility with the most common cases it's now possible to provide an explicit keyword argument for caller if it's given an explicit default. (642)

2.9.1

(bugfix release, released on January 7th 2017)

  • Resolved a regression with call block scoping for macros. Nested caller blocks that used the same identifiers as outer macros could refer to the wrong variable incorrectly.

2.9

(codename Derivation, released on January 7th 2017)

  • Change cache key definition in environment. This fixes a performance regression introduced in 2.8.
  • Added support for generator_stop on supported Python versions (Python 3.5 and later)
  • Corrected a long standing issue with operator precedence of math operations not being what was expected.
  • Added support for Python 3.6 async iterators through a new async mode.
  • Added policies for filter defaults and similar things.
  • urlize now sets "rel noopener" by default.
  • Support attribute fallback for old-style classes in 2.x.
  • Support toplevel set statements in extend situations.
  • Restored behavior of Cycler for Python 3 users.
  • Subtraction now follows the same behavior as other operators on undefined values.
  • map and friends will now give better error messages if you forgot to quote the parameter.
  • Depend on MarkupSafe 0.23 or higher.
  • Improved the truncate filter to support better truncation in case the string is barely truncated at all.
  • Change the logic for macro autoescaping to be based on the runtime autoescaping information at call time instead of macro define time.
  • Ported a modified version of the tojson filter from Flask to Jinja2 and hooked it up with the new policy framework.
  • Block sets are now marked safe by default.
  • On Python 2 the asciification of ASCII strings can now be disabled with the compiler.ascii_str policy.
  • Tests now no longer accept an arbitrary expression as first argument but a restricted one. This means that you can now properly use multiple tests in one expression without extra parentheses. In particular you can now write foo is divisibleby 2 or foo is divisibleby 3 as you would expect.
  • Greatly changed the scoping system to be more consistent with what template designers and developers expect. There is now no more magic difference between the different include and import constructs. Context is now always propagated the same way. The only remaining differences is the defaults for with context and without context.
  • The with and autoescape tags are now built-in.
  • Added the new select_autoescape function which helps configuring better autoescaping easier.

2.8.2

(bugfix release, unreleased)

  • Fixed a runtime error in the sandbox when attributes of async generators were accessed.

2.8.1

(bugfix release, released on December 29th 2016)

  • Fixed the for_qs flag for urlencode.
  • Fixed regression when applying int to non-string values.
  • SECURITY: if the sandbox mode is used format expressions are now sandboxed with the same rules as in Jinja. This solves various information leakage problems that can occur with format strings.

Got merge conflicts? Close this PR and delete the branch. I'll create a new PR for you.

Happy merging! 🤖

pyup-bot commented 7 years ago

Closing this in favor of #57