Update werkzeug requirement from <3.1 to <3.2

[dependabot[bot]]

Updates the requirements on werkzeug to permit the latest version.

Release notes

Sourced from werkzeug's releases.

3.1.0

This is the Werkzeug 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

PyPI: https://pypi.org/project/Werkzeug/3.1.0/ Changes: https://werkzeug.palletsprojects.com/en/stable/changes/#version-3-1-0 Milestone: https://github.com/pallets/werkzeug/milestone/34?closed=1

• Drop support for Python 3.8. #2966
• Remove previously deprecated code. #2967
• Request.max_form_memory_size defaults to 500kB instead of unlimited. Non-file form fields over this size will cause a RequestEntityTooLarge error. #2964
• OrderedMultiDict and ImmutableOrderedMultiDict are deprecated. Use MultiDict and ImmutableMultiDict instead. #2968
• Behavior of properties on request.cache_control and response.cache_control has been significantly adjusted.
  • Dict values are always str | None. Setting properties will convert the value to a string. Setting a property to False is equivalent to setting it to None. Getting typed properties will return None if conversion raises ValueError, rather than the string. #2980
  • max_age is None if present without a value, rather than -1. #2980
  • no_cache is a boolean for requests, it is True instead of "*" when present. It remains a string for responses. #2980
  • max_stale is True if present without a value, rather than "*". #2980
  • no_transform is a boolean. Previously it was mistakenly always None. #2881
  • min_fresh is None if present without a value, rather than "*". #2881
  • private is True if present without a value, rather than "*". #2980
  • Added the must_understand property. #2881
  • Added the stale_while_revalidate, and stale_if_error properties. #2948
  • Type annotations more accurately reflect the values. #2881
• Support Cookie CHIPS (Partitioned Cookies). #2797
• Add 421 MisdirectedRequest HTTP exception. #2850
• Increase default work factor for PBKDF2 to 1,000,000 iterations. #2969
• Inline annotations for datastructures, removing stub files. #2970
• MultiDict.getlist catches TypeError in addition to ValueError when doing type conversion. #2976
• Implement | and |= operators for MultiDict, Headers, and CallbackDict, and disallow |= on immutable types. #2977

Changelog

Sourced from werkzeug's changelog.

Version 3.1.0

Released 2024-10-31

• Drop support for Python 3.8. :pr:2966

• Remove previously deprecated code. :pr:2967

• Request.max_form_memory_size defaults to 500kB instead of unlimited. Non-file form fields over this size will cause a RequestEntityTooLarge error. :issue:2964

• OrderedMultiDict and ImmutableOrderedMultiDict are deprecated. Use MultiDict and ImmutableMultiDict instead. :issue:2968

• Behavior of properties on request.cache_control and response.cache_control has been significantly adjusted.

  • Dict values are always str | None. Setting properties will convert the value to a string. Setting a property to False is equivalent to setting it to None. Getting typed properties will return None if conversion raises ValueError, rather than the string. :issue:2980
  • max_age is None if present without a value, rather than -1. :issue:2980
  • no_cache is a boolean for requests, it is True instead of "*" when present. It remains a string for responses. :issue:2980
  • max_stale is True if present without a value, rather than "*". :issue:2980
  • no_transform is a boolean. Previously it was mistakenly always None. :issue:2881
  • min_fresh is None if present without a value, rather than "*". :issue:2881
  • private is True if present without a value, rather than "*". :issue:2980
  • Added the must_understand property. :issue:2881
  • Added the stale_while_revalidate, and stale_if_error properties. :issue:2948
  • Type annotations more accurately reflect the values. :issue:2881

• Support Cookie CHIPS (Partitioned Cookies). :issue:2797

• Add 421 MisdirectedRequest HTTP exception. :issue:2850

• Increase default work factor for PBKDF2 to 1,000,000 iterations. :issue:2969

• Inline annotations for datastructures, removing stub files. :issue:2970

• MultiDict.getlist catches TypeError in addition to ValueError when doing type conversion. :issue:2976

• Implement | and |= operators for MultiDict, Headers, and CallbackDict, and disallow |= on immutable types. :issue:2977

Version 3.0.6

... (truncated)

Commits

• df655e6 release version 3.1.0
• 564835a add docstring changelogs
• 1735b75 more cache-control cleanup (#2983)
• b0f361c more cache-control cleanup
• fa38728 more cache-control cleanup (#2981)
• e3a50c9 more cache-control cleanup
• 1eb7ada implement or and ior operators (#2979)
• b65b587 implement or and ior operators
• 862cb19 getlist catches TypeError (#2978)
• e550ef8 getlist catches TypeError
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[T-256]

I think we can drop this pinned dependency.

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

[dependabot[bot]]

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.