Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump werkzeug from 0.12 to 0.14.1 #11

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump werkzeug from 0.12 to 0.14.1 #11

wants to merge 1 commit into from

Conversation

dependabot-preview[bot]
Copy link

Bumps werkzeug from 0.12 to 0.14.1.

Release notes

Sourced from werkzeug's releases.

0.13

Read the announcement here.

Read the full changelog.

Install from PyPI with pip:

pip install -U Werkzeug
Changelog

Sourced from werkzeug's changelog.

Version 0.14.1

Released on December 31st 2017

  • Resolved a regression with status code handling in the integrated
    development server.

Version 0.14

Released on December 31st 2017

  • HTTP exceptions are now automatically caught by
    Request.application.
  • Added support for edge as browser.
  • Added support for platforms that lack SpooledTemporaryFile.
  • Add support for etag handling through if-match
  • Added support for the SameSite cookie attribute.
  • Added werkzeug.wsgi.ProxyMiddleware
  • Implemented has for NullCache
  • get_multi on cache clients now returns lists all the time.
  • Improved the watchdog observer shutdown for the reloader to not crash
    on exit on older Python versions.
  • Added support for filename* filename attributes according to
    RFC 2231
  • Resolved an issue where machine ID for the reloader PIN was not
    read accurately on windows.
  • Added a workaround for syntax errors in init files in the reloader.
  • Added support for using the reloader with console scripts on windows.
  • The built-in HTTP server will no longer close a connection in cases
    where no HTTP body is expected (204, 204, HEAD requests etc.)
  • The EnvironHeaders object now skips over empty content type and
    lengths if they are set to falsy values.
  • Werkzeug will no longer send the content-length header on 1xx or
    204/304 responses.
  • Cookie values are now also permitted to include slashes and equal
    signs without quoting.
  • Relaxed the regex for the routing converter arguments.
  • If cookies are sent without values they are now assumed to have an
    empty value and the parser accepts this. Previously this could have
    corrupted cookies that followed the value.
  • The test Client and EnvironBuilder now support mimetypes like
    the request object does.
  • Added support for static weights in URL rules.
  • Better handle some more complex reloader scenarios where sys.path
    contained non directory paths.
  • EnvironHeaders no longer raises weird errors if non string keys
    are passed to it.
... (truncated)
Commits
  • 6fc07fe Bump version number to 0.14.1
  • b19bc30 Added changelog entry
  • d0789d8 Fixed a regression in the development server
  • 5b53d15 Bump version number to 0.14
  • 82c0719 Filter some requests ssl warnings in tests
  • 5058281 Set release date for 0.14
  • f55f633 Added test and changelog entry for EnvironHeaders fix
  • 5752160 Fix type check in EnvironHeaders.getitem (#1005)
  • 3790dc1 Added changelog entry
  • f3f53e7 Don't return a file path from _find_observable_paths (#1157)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot ignore this [patch|minor|major] version will close this PR and stop Dependabot creating any more for this minor/major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use (this|these) label[s] will set the current labels as the default for future PRs for this repo and language
  • @dependabot use (this|these) reviewer[s] will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use (this|these) assignee[s] will set the current assignees as the default for future PRs for this repo and language

Additionally, you can set the following in your Dependabot dashboard:

  • Update frequency (including time of day and day of week)
  • Automerge options (never/patch/minor, and dev/runtime dependencies)
  • Pull request limits (per update run and/or open at any time)
  • Out-of-range updates (receive only lockfile updates, if desired)
  • Security updates (receive only security updates, if desired)

Finally, you can contact us by mentioning @dependabot.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@dependabot-support