Closed dependabot[bot] closed 12 months ago
The Pull Request updates the Flask framework from version 1.1.2 to 2.2.5 in the backend-container/src
project. This update includes several minor and patch releases, with the latest being a security fix release. The update addresses a security advisory (CVE-2023-30861) and includes various other changes and bug fixes. The update is expected to improve the security and compatibility of the application with the latest Flask features and fixes.
Before merging, ensure that the application is thoroughly tested with the new Flask version, as major version updates can introduce breaking changes. It's also important to review the Flask changelog and release notes to understand the implications of the new features and changes on the existing codebase. If any deprecated features were being used, they should be replaced with the recommended alternatives.
Bumps flask from 1.1.2 to 2.2.5.
Release notes
Sourced from flask's releases.
... (truncated)
Changelog
Sourced from flask's changelog.
... (truncated)
Commits
47af817
release version 2.2.5afd63b1
Merge pull request #5109 from pallets/backport-vary-cookie8646edc
setVary: Cookie
header consistently for sessiona6367da
Merge pull request #5108 from pallets/werkzeug-compat3fbfbad
werkzeug 2.3.3 compatibility726d3f4
start version 2.2.5ddc7acc
Merge pull request #5081 from pallets/release-2.2.474e0329
release version 2.2.42d46068
update dev env64bc458
update dev dependenciesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show