Skip to content

Bump werkzeug from 2.3.4 to 2.3.5#32

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/werkzeug-2.3.5
Closed

Bump werkzeug from 2.3.4 to 2.3.5#32
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/pip/werkzeug-2.3.5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 8, 2023

Copy link
Copy Markdown

Bumps werkzeug from 2.3.4 to 2.3.5.

Release notes

Sourced from werkzeug's releases.

2.3.5

This is a fix release for the 2.3.x feature branch.

Changelog

Sourced from werkzeug's changelog.

Version 2.3.5

Released 2023-06-07

  • Python 3.12 compatibility. :issue:2704
  • Fix handling of invalid base64 values in Authorization.from_header. :issue:2717
  • The debugger escapes the exception message in the page title. :pr:2719
  • When binding routing.Map, a long IDNA server_name with a port does not fail encoding. :issue:2700
  • iri_to_uri shows a deprecation warning instead of an error when passing bytes. :issue:2708
  • When parsing numbers in HTTP request headers such as Content-Length, only ASCII digits are accepted rather than any format that Python's int and float accept. :issue:2716
Commits
  • 2c9b513 release version 2.3.5
  • 86c5c78 fail on Python's extended int/float syntax (#2723)
  • 6290332 fail on Python's extended int/float syntax
  • 1892c10 show warning instead of error when passing bytes to iri_to_uri (#2709)
  • dc9e73b passing bytes to iri_to_uri shows deprecation warning
  • d70b37d Map.bind ignores port for IDNA (#2721)
  • 23593ae Map.bind ignores port for IDNA
  • 031991a [pre-commit.ci] pre-commit autoupdate (#2720)
  • c431ab3 [pre-commit.ci] pre-commit autoupdate
  • 7d2f846 retarget pre-commit.ci
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [werkzeug](https://github.com/pallets/werkzeug) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/pallets/werkzeug/releases)
- [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst)
- [Commits](pallets/werkzeug@2.3.4...2.3.5)

---
updated-dependencies:
- dependency-name: werkzeug
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Jun 8, 2023
@guilhermefpv guilhermefpv temporarily deployed to onlyonecode-dependabot--pqa0rl June 8, 2023 12:14 Inactive
@dependabot @github

dependabot Bot commented on behalf of github Jun 9, 2023

Copy link
Copy Markdown
Author

Superseded by #35.

@dependabot dependabot Bot closed this Jun 9, 2023
@dependabot dependabot Bot deleted the dependabot/pip/werkzeug-2.3.5 branch June 9, 2023 11:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant