Bump werkzeug from 2.0.1 to 2.0.2 in /tools #2

dependabot · 2021-10-11T15:11:10Z

Bumps werkzeug from 2.0.1 to 2.0.2.

Release notes

2.0.2

Changes: https://werkzeug.palletsprojects.com/en/2.0.x/changes/#version-2-0-2

Changelog

Version 2.0.2

Released 2021-10-05

Handle multiple tokens in Connection header when routing WebSocket requests. :issue:2131

Set the debugger pin cookie secure flag when on https. :pr:2150

Fix type annotation for MultiDict.update to accept iterable values :pr:2142

Prevent double encoding of redirect URL when merge_slash=True for Rule.match. :issue:2157

CombinedMultiDict.to_dict with flat=False considers all component dicts when building value lists. :issue:2189

send_file only sets a detected Content-Encoding if as_attachment is disabled to avoid browsers saving decompressed .tar.gz files. :issue:2149

Fix type annotations for TypeConversionDict.get to not return an Optional value if both default and type are not None. :issue:2169

Fix type annotation for routing rule factories to accept Iterable[RuleFactory] instead of Iterable[Rule] for the rules parameter. :issue:2183

Add missing type annotation for FileStorage.__getattr__ :issue:2155

The debugger pin cookie is set with SameSite set to Strict instead of None to be compatible with modern browser security. :issue:2156

Type annotations use IO[bytes] and IO[str] instead of BinaryIO and TextIO for wider type compatibility. :issue:2130

Ad-hoc TLS certs are generated with SAN matching CN. :issue:2158

Fix memory usage for locals when using Python 3.6 or pre 0.4.17 greenlet versions. :pr:2212

Fix type annotation in CallbackDict, because it is not utilizing a bound TypeVar. :issue:2235

Fix setting CSP header options on the response. :pr:2237

Fix an issue with with the interactive debugger where lines would not expand on click for very long tracebacks. :pr:2239

The interactive debugger handles displaying an exception that does not have a traceback, such as from ProcessPoolExecutor. :issue:2217

Commits

5324795 Merge pull request #2255 from pallets/release-2.0.2
f1761b2 release version 2.0.2
9ecd86f Merge pull request #2248 from kjurka/handle_exception_wo_traceback
a026095 handle an exception without a traceback
c7deb75 fix changelog typo
41eefbf Merge pull request #2239 from mireq/main
f408b25 Fixed expand frame exception
bf4efb7 Merge pull request #2237 from pgjones/csp
9ee2b8c fix setting CSP header options
33155ce Merge pull request #2253 from pallets/update-requirements
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [werkzeug](https://github.com/pallets/werkzeug) from 2.0.1 to 2.0.2. - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@2.0.1...2.0.2) --- updated-dependencies: - dependency-name: werkzeug dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2021-10-16T09:03:46Z