zarr-python icon indicating copy to clipboard operation
zarr-python copied to clipboard
verified publisher icon zarr-developers

Update werkzeug requirement from <2.2.0 to <2.3.0

Open dependabot[bot] opened this issue 3 years ago • 6 comments

Updates the requirements on werkzeug to permit the latest version.

Release notes

Sourced from werkzeug's releases.

2.2.1

This is a fix release for the 2.2.0 feature release.

Changelog

Sourced from werkzeug's changelog.

Version 2.2.1

Released 2022-07-27

  • Fix router so that /path/ will match a rule /path if strict slashes mode is disabled for the rule. :issue:2467
  • Fix router so that partial part matches are not allowed i.e. /2df does not match /<int>. :pr:2470
  • Fix router static part weighting, so that simpler routes are matched before more complex ones. :issue:2471
  • Restore ValidationError to be importable from werkzeug.routing. :issue:2465

Version 2.2.0

Released 2022-07-23

  • Deprecated get_script_name, get_query_string, peek_path_info, pop_path_info, and extract_path_info. :pr:2461
  • Remove previously deprecated code. :pr:2461
  • Add MarkupSafe as a dependency and use it to escape values when rendering HTML. :issue:2419
  • Added the werkzeug.debug.preserve_context mechanism for restoring context-local data for a request when running code in the debug console. :pr:2439
  • Fix compatibility with Python 3.11 by ensuring that end_lineno and end_col_offset are present on AST nodes. :issue:2425
  • Add a new faster matching router based on a state machine. :pr:2433
  • Names within options headers are always converted to lowercase. This matches :rfc:6266 that the case is not relevant. :issue:2442
  • AnyConverter validates the value passed for it when building URLs. :issue:2388
  • The debugger shows enhanced error locations in tracebacks in Python 3.11. :issue:2407
  • Added Sans-IO is_resource_modified and parse_cookie functions based on WSGI versions. :issue:2408
  • Added Sans-IO get_content_length function. :pr:2415
  • Don't assume a mimetype for test responses. :issue:2450
  • Type checking FileStorage accepts os.PathLike. :pr:2418

Version 2.1.2

Released 2022-04-28

... (truncated)

Commits
  • 410c878 release version 2.2.1
  • cdee5ce Merge pull request #2472 from pgjones/2.2.x
  • 56a24f7 Bugfix the calculation of weighting based on static parts
  • 5c85706 Merge pull request #2470 from pgjones/2.2.x
  • b59eb67 Switch $\Z to \Z in matching regex
  • 3a408ed Bugfix ensure that the entire part is matched
  • 76ccf1f Merge pull request #2468 from pgjones/2.2.x
  • 364d9c2 Restore ValidationError as part of the werkzeug.routing API
  • fa76cbe Ensure that rules without strict slashes match paths with slashes
  • 7ae6bc1 Merge branch '2.1.x' into 2.2.x
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

dependabot[bot] avatar Aug 01 '22 04:08 dependabot[bot]

Leaving this open with the hope that dependabot will auto-update to the 2.3.x release of the fix in https://github.com/spulec/moto/pull/5330 and go green.

joshmoore avatar Aug 04 '22 19:08 joshmoore

Think issue ( https://github.com/spulec/moto/issues/5341 ) is the one we want to watch

jakirkham avatar Aug 04 '22 21:08 jakirkham

A newer version of werkzeug exists, but since this PR has been edited by someone other than Dependabot I haven't updated it. You'll get a PR for the updated version as normal once this PR is merged.

dependabot[bot] avatar Aug 09 '22 04:08 dependabot[bot]

@dependabot recreate

joshmoore avatar Aug 09 '22 04:08 joshmoore

It sounds like more work is needed upstream ( https://github.com/spulec/moto/issues/5341#issuecomment-1206995825 ) before this can be updated

jakirkham avatar Aug 09 '22 09:08 jakirkham

:+1: Mostly wanted to make sure dependabot would update for us when the time came.

joshmoore avatar Aug 09 '22 12:08 joshmoore

@dependabot recreate

jakirkham avatar Oct 20 '22 02:10 jakirkham

@dependabot rebase

jakirkham avatar Oct 20 '22 02:10 jakirkham

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

dependabot[bot] avatar Oct 20 '22 02:10 dependabot[bot]

@dependabot recreate

jakirkham avatar Oct 20 '22 02:10 jakirkham

Let's see if this works 🍀

jakirkham avatar Oct 20 '22 02:10 jakirkham

Looks like it is working 🥳

jakirkham avatar Oct 20 '22 05:10 jakirkham

Thanks, @jakirkham! 🙏🏽

joshmoore avatar Oct 24 '22 06:10 joshmoore