Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump werkzeug from 0.15.6 to 2.2.3 #257

Open
wants to merge 184 commits into
base: master
Choose a base branch
from
Open

Bump werkzeug from 0.15.6 to 2.2.3 #257

wants to merge 184 commits into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 15, 2023

Bumps werkzeug from 0.15.6 to 2.2.3.

Release notes

Sourced from werkzeug's releases.

2.2.3

This is a fix release for the 2.2.x release branch.

This release contains security fixes for:

2.2.2

This is a fix release for the 2.2.0 feature release.

2.2.1

This is a fix release for the 2.2.0 feature release.

2.2.0

This is a feature release, which includes new features and removes previously deprecated features. The 2.2.x branch is now the supported bugfix branch, the 2.1.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades.

2.1.2

This is a fix release for the 2.1.0 feature release.

2.1.1

This is a fix release for the 2.1.0 feature release.

2.1.0

This is a feature release, which includes new features and removes previously deprecated features. The 2.1.x branch is now the supported bugfix branch, the 2.0.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades.

2.0.3

... (truncated)

Changelog

Sourced from werkzeug's changelog.

Version 2.2.3

Released 2023-02-14

  • Ensure that URL rules using path converters will redirect with strict slashes when the trailing slash is missing. :issue:2533
  • Type signature for get_json specifies that return type is not optional when silent=False. :issue:2508
  • parse_content_range_header returns None for a value like bytes */-1 where the length is invalid, instead of raising an AssertionError. :issue:2531
  • Address remaining ResourceWarning related to the socket used by run_simple. Remove prepare_socket, which now happens when creating the server. :issue:2421
  • Update pre-existing headers for multipart/form-data requests with the test client. :issue:2549
  • Fix handling of header extended parameters such that they are no longer quoted. :issue:2529
  • LimitedStream.read works correctly when wrapping a stream that may not return the requested size in one read call. :issue:2558
  • A cookie header that starts with = is treated as an empty key and discarded, rather than stripping the leading ==.
  • Specify a maximum number of multipart parts, default 1000, after which a RequestEntityTooLarge exception is raised on parsing. This mitigates a DoS attack where a larger number of form/file parts would result in disproportionate resource use.

Version 2.2.2

Released 2022-08-08

  • Fix router to restore the 2.1 strict_slashes == False behaviour whereby leaf-requests match branch rules and vice versa. :pr:2489
  • Fix router to identify invalid rules rather than hang parsing them, and to correctly parse / within converter arguments. :pr:2489
  • Update subpackage imports in :mod:werkzeug.routing to use the import as syntax for explicitly re-exporting public attributes. :pr:2493
  • Parsing of some invalid header characters is more robust. :pr:2494
  • When starting the development server, a warning not to use it in a production deployment is always shown. :issue:2480
  • LocalProxy.__wrapped__ is always set to the wrapped object when the proxy is unbound, fixing an issue in doctest that would cause it to fail. :issue:2485
  • Address one ResourceWarning related to the socket used by run_simple. :issue:2421

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • @dependabot use these labels will set the current labels as the default for future PRs for this repo and language
  • @dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language
  • @dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language
  • @dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dpuenteramirez and others added 30 commits January 22, 2022 19:27
@dpuenteramirez
Added support fot branch-issue bot
91bee49 
Now it will create a branch when /cib is typed in an issue comment section.
@dpuenteramirez
Copyright now takes the current year and MEC link updated #1
0d194ba
@dpuenteramirez
Minor mods #1
2e98296
@dpuenteramirez
Added support for Self-Trainig and SVC #2
a4ffad7
@dpuenteramirez
Added a file with the dump version of the working DB #2
aa3d904
@dpuenteramirez
Allow git to track the DB changes so no dump is required
1f6f895 
This modification will be restored to it's previous once all new algorithms and may be filters are added.
@dpuenteramirez
Added 'Semi Supervised Classification' as a new Algorithm Type #3
9bf8411
@dpuenteramirez
Added SemiSupervised functionality #3
8f2a2c9
@dpuenteramirez
Added support for spanish index #9 Added structure for languages #8
9d9b362
@dpuenteramirez
Merge pull request #10 from dpr1005/development
9a5d6bd 
Semi Supervised Learning with Self Training and ES/EN index page
@dpuenteramirez
Added SSL algs to DB, added lib files, created ssl structure of exec #4
30c81f2
@dpuenteramirez
Added more multilingual based on tags #8
d656d24
@dpuenteramirez
Fixed a couple typos - nothing to worry about #1
9bb05c6
@dpuenteramirez
Required tweeks to SSL algs to integrate them #4 #5 #6 #7
1c9b06f
@dpuenteramirez
Updated SSL execution structure #4
4c92226
@dpuenteramirez
Merge pull request #11 from dpr1005/development
ae385a2 
CoTraining, TriTraining, Democratic Co-Learning integrated beta
@dpuenteramirez
Added CrossValidation and fixed predictions #4
f07eaa3
@dpuenteramirez
Merge pull request #12 from dpr1005/development
e4069c5 
Added Cross-Validation and predictions
@dpuenteramirez
Added validation for target class in SemiSupervised #4
9013bb9
@dpuenteramirez
Merge pull request #13 from dpr1005/development
ec3a0c7 
Added validation for target class in SemiSupervised #4
@dpuenteramirez
Fixed popup validation #14
3178b1b
@dpuenteramirez
Merge pull request #15 from dpr1005/hotfix
3759fe8 
Fixed popup validation #14
@dpuenteramirez
Merge pull request #16 from dpr1005/development
3470092 
Fixed validation alert for SSL when reusing experiments
@dpuenteramirez
Added ENN - pipe it remains #17 #18
74cc18c
@dpuenteramirez
ENN working with Semi Supervised Classification #17 #18
3a8d3c9
@dpuenteramirez
CNN working with Semi Supervised Classification #17 #19
cb1cef3
@dpuenteramirez
Added filters RNN, MSS, ICF, DROP3 to DB #17 #20 #21 #22 #23
6763aed
@dpuenteramirez
Updated is_ssl filters #17 #20 #21 #22 #23
2c0d35a
@dpuenteramirez
Merge pull request #26 from dpr1005/development
4eb945e 
Filters integrated with UBUMLaaS Semi-Supervised
@dpuenteramirez
is_ssl filters now work with Sklearn #17 #25
cac371d
dpuenteramirez and others added 27 commits May 5, 2022 10:12
@dpuenteramirez
Updated .gitignore to omit DB changes #104
f741d07
@dpuenteramirez
Changed weka wrapper version #104
9bd17f6
@dpuenteramirez
Updated Travis-CI to use miniconda #105
bc35183
@dpuenteramirez
Removed extra PIP install #105
959e095
@dpuenteramirez
Updated imbalanced-learn version to 0.9.0 #105
a029592
@dpuenteramirez
Downgraded imbalanced-learn to 0.7.0 #105
59ef40c
@dpuenteramirez
Updated Weka Files #105
112bd08
@dpuenteramirez
Now runs with 16 workers #106
465714d
@dpuenteramirez
Updated refs integrity and chenged <i> to <em> #107
a3efd5d
@dpuenteramirez
Update README.md
179e158
@dpuenteramirez
Pre Release all files #108
0d7994f
@dpuenteramirez
Merge pull request #108 from dpr1005/development
7f3d3d1 
Pre-Release
@dependabot
Bump urllib3 from 1.25.6 to 1.26.5
ec7a932 
Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.25.6 to 1.26.5.
- [Release notes](https://github.com/urllib3/urllib3/releases)
- [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst)
- [Commits](urllib3/urllib3@1.25.6...1.26.5)

---
updated-dependencies:
- dependency-name: urllib3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
Bump jinja2 from 2.11.2 to 2.11.3
27dd526 
Bumps [jinja2](https://github.com/pallets/jinja) from 2.11.2 to 2.11.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@2.11.2...2.11.3)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dpuenteramirez
Merge pull request #111 from dpr1005/dependabot/pip/urllib3-1.26.5
7f86ef6 
Bump urllib3 from 1.25.6 to 1.26.5
@dpuenteramirez
Merge pull request #110 from dpr1005/dependabot/pip/jinja2-2.11.3
60b1182 
Bump jinja2 from 2.11.2 to 2.11.3
@dpuenteramirez
Update UBUMLaaS_env.yml
67f1d38
@dpuenteramirez
Update README to final version #112
3a182f5
@dpuenteramirez
Updated README Badges #112
6233772
@dpuenteramirez
Update README links #112
81c22db
@dpuenteramirez
Restored initial state of .gitignore
9b17374
@dpuenteramirez
Updated ENV_VARS to ease integration
5e768a4
@dpuenteramirez
Production Ready Tests OK
554e6f0
@dpuenteramirez
Fixed IS-SSL filters #113
24e9b8e
@jlgarridol
Merge pull request #256 from dpuenteramirez/master
3966d63 
New Version with support for SemiSupervised Classification and with an admin interface
@jlgarridol
Update README.md
0a24e4f
@dependabot
Bump werkzeug from 0.15.6 to 2.2.3
cf0ed8c 
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 0.15.6 to 2.2.3.
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](pallets/werkzeug@0.15.6...2.2.3)

---
updated-dependencies:
- dependency-name: werkzeug
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Feb 15, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file python Pull requests that update Python code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dpuenteramirez @jlgarridol