Initial Update

[pyup-bot]

This is my first visit to this fine repo so I have bundled all updates in a single pull request to make things easier for you to merge.

Close this pull request and delete the branch if you want me to start with single pull requests right away

Here's the executive summary:

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

coverage	4.0.3	»	4.4.1	PyPI | Changelog | Docs
Flask	0.10.1	»	0.12.2	PyPI | Changelog | Repo
Flask-Fixtures	0.3.3	»	0.3.7	PyPI | Repo
Flask-HTTPAuth	3.1.0	»	3.2.3	PyPI | Changelog | Repo | Docs
flask-paginate	0.4.1	»	0.5.0	PyPI | Repo | Docs
Flask-RESTful	0.3.5	»	0.3.6	PyPI | Changelog | Repo
passlib	1.6.5	»	1.7.1	PyPI | Repo | Docs
python-coveralls	2.7.0	»	2.9.1	PyPI | Repo
SQLAlchemy	1.0.12	»	1.1.12	PyPI | Changelog | Homepage

Changelogs

coverage 4.0.3 -> 4.4.1

4.4.1

---

• No code changes: just corrected packaging for Python 2.7 Linux wheels.

.. _changes_44:

4.4

---

• Reports could produce the wrong file names for packages, reporting pkg.py
  instead of the correct pkg/__init__.py. This is now fixed. Thanks, Dirk
  Thomas.

• XML reports could produce <source> and <class> lines that together
  didn't specify a valid source file path. This is now fixed. (issue 526_)

• Namespace packages are no longer warned as having no code. (issue 572_)

• Code that uses sys.settrace(sys.gettrace()) in a file that wasn't being
  coverage-measured would prevent correct coverage measurement in following
  code. An example of this was running doctests programmatically. This is now
  fixed. (issue 575_)

• Errors printed by the coverage command now go to stderr instead of
  stdout.

• Running coverage xml in a directory named with non-ASCII characters would
  fail under Python 2. This is now fixed. (issue 573_)

.. _issue 526: https://bitbucket.org/ned/coveragepy/issues/526/generated-xml-invalid-paths-for-cobertura
.. _issue 572: https://bitbucket.org/ned/coveragepy/issues/572/no-python-source-warning-for-namespace
.. _issue 573: https://bitbucket.org/ned/coveragepy/issues/573/cant-generate-xml-report-if-some-source
.. _issue 575: https://bitbucket.org/ned/coveragepy/issues/575/running-doctest-prevents-complete-coverage

4.4b1

---

• Some warnings can now be individually disabled. Warnings that can be
  disabled have a short name appended. The [run] disable_warnings setting
  takes a list of these warning names to disable. Closes both issue 96_ and
  issue 355_.

• The XML report now includes attributes from version 4 of the Cobertura XML
  format, fixing issue 570_.

• In previous versions, calling a method that used collected data would prevent
  further collection. For example, save(), report(), html_report(), and
  others would all stop collection. An explicit start() was needed to get it
  going again. This is no longer true. Now you can use the collected data and
  also continue measurement. Both issue 79_ and issue 448_ described this
  problem, and have been fixed.

• Plugins can now find unexecuted files if they choose, by implementing the
  find_executable_files method. Thanks, Emil Madsen.

• Minimal IronPython support. You should be able to run IronPython programs
  under coverage run, though you will still have to do the reporting phase
  with CPython.

• Coverage.py has long had a special hack to support CPython's need to measure
  the coverage of the standard library tests. This code was not installed by
  kitted versions of coverage.py. Now it is.

.. _issue 79: https://bitbucket.org/ned/coveragepy/issues/79/save-prevents-harvesting-on-stop
.. _issue 96: https://bitbucket.org/ned/coveragepy/issues/96/unhelpful-warnings-produced-when-using
.. _issue 355: https://bitbucket.org/ned/coveragepy/issues/355/warnings-should-be-suppressable
.. _issue 448: https://bitbucket.org/ned/coveragepy/issues/448/save-and-html_report-prevent-further
.. _issue 570: https://bitbucket.org/ned/coveragepy/issues/570/cobertura-coverage-04dtd-support

.. _changes_434:

4.3.4

---

• Fixing 2.6 in version 4.3.3 broke other things, because the too-tricky
  exception wasn't properly derived from Exception, described in issue 556_.
  A newb mistake; it hasn't been a good few days.

.. _issue 556: https://bitbucket.org/ned/coveragepy/issues/556/43-fails-if-there-are-html-files-in-the

.. _changes_433:

4.3.3

---

• Python 2.6 support was broken due to a testing exception imported for the
  benefit of the coverage.py test suite. Properly conditionalizing it fixed
  issue 554_ so that Python 2.6 works again.

.. _issue 554: https://bitbucket.org/ned/coveragepy/issues/554/traceback-on-python-26-starting-with-432

.. _changes_432:

4.3.2

---

• Using the --skip-covered option on an HTML report with 100% coverage
  would cause a "No data to report" error, as reported in issue 549_. This is
  now fixed; thanks, Loïc Dachary.

• If-statements can be optimized away during compilation, for example, if 0:
  or if __debug__:. Coverage.py had problems properly understanding these
  statements which existed in the source, but not in the compiled bytecode.
  This problem, reported in issue 522_, is now fixed.

• If you specified --source as a directory, then coverage.py would look for
  importable Python files in that directory, and could identify ones that had
  never been executed at all. But if you specified it as a package name, that
  detection wasn't performed. Now it is, closing issue 426_. Thanks to Loïc
  Dachary for the fix.

• If you started and stopped coverage measurement thousands of times in your
  process, you could crash Python with a "Fatal Python error: deallocating
  None" error. This is now fixed. Thanks to Alex Groce for the bug report.

• On PyPy, measuring coverage in subprocesses could produce a warning: "Trace
  function changed, measurement is likely wrong: None". This was spurious, and
  has been suppressed.

• Previously, coverage.py couldn't start on Jython, due to that implementation
  missing the multiprocessing module (issue 551). This problem has now been
  fixed. Also, issue 322 about not being able to invoke coverage
  conveniently, seems much better: jython -m coverage run myprog.py works
  properly.

• Let's say you ran the HTML report over and over again in the same output
  directory, with --skip-covered. And imagine due to your heroic
  test-writing efforts, a file just acheived the goal of 100% coverage. With
  coverage.py 4.3, the old HTML file with the less-than-100% coverage would be
  left behind. This file is now properly deleted.

.. _issue 322: https://bitbucket.org/ned/coveragepy/issues/322/cannot-use-coverage-with-jython
.. issue 426: https://bitbucket.org/ned/coveragepy/issues/426/difference-between-coverage-results-with
.. issue 522: https://bitbucket.org/ned/coveragepy/issues/522/incorrect-branch-reporting-with-__debug
.. _issue 549: https://bitbucket.org/ned/coveragepy/issues/549/skip-covered-with-100-coverage-throws-a-no
.. _issue 551: https://bitbucket.org/ned/coveragepy/issues/551/coveragepy-cannot-be-imported-in-jython27

.. _changes_431:

4.3.1

---

• Some environments couldn't install 4.3, as described in issue 540_. This is
  now fixed.

• The check for conflicting --source and --include was too simple in a
  few different ways, breaking a few perfectly reasonable use cases, described
  in issue 541. The check has been reverted while we re-think the fix for
  issue 265.

.. _issue 540: https://bitbucket.org/ned/coveragepy/issues/540/cant-install-coverage-v43-into-under
.. _issue 541: https://bitbucket.org/ned/coveragepy/issues/541/coverage-43-breaks-nosetest-with-coverage

.. _changes_43:

4.3

---

Special thanks to Loïc Dachary, who took an extraordinary interest in
coverage.py and contributed a number of improvements in this release.

• Subprocesses that are measured with automatic subprocess measurement_ used
  to read in any pre-existing data file. This meant data would be incorrectly
  carried forward from run to run. Now those files are not read, so each
  subprocess only writes its own data. Fixes issue 510_.

• The coverage combine command will now fail if there are no data files to
  combine. The combine changes in 4.2 meant that multiple combines could lose
  data, leaving you with an empty .coverage data file. Fixes
  issue 525, issue 412, issue 516, and probably issue 511.

• Coverage.py wouldn't execute sys.excepthook_ when an exception happened in
  your program. Now it does, thanks to Andrew Hoos. Closes issue 535_.

• Branch coverage fixes:

• Branch coverage could misunderstand a finally clause on a try block that
  never continued on to the following statement, as described in issue 493_. This is now fixed. Thanks to Joe Doherty for the report and Loïc
  Dachary for the fix.

• A while loop with a constant condition (while True) and a continue
  statement would be mis-analyzed, as described in issue 496_. This is now
  fixed, thanks to a bug report by Eli Skeggs and a fix by Loïc Dachary.

• While loops with constant conditions that were never executed could result
  in a non-zero coverage report. Artem Dayneko reported this in issue 502_, and Loïc Dachary provided the fix.

• The HTML report now supports a --skip-covered option like the other
  reporting commands. Thanks, Loïc Dachary for the implementation, closing
  issue 433_.

• Options can now be read from a tox.ini file, if any. Like setup.cfg, sections
  are prefixed with "coverage:", so [run] options will be read from the
  [coverage:run] section of tox.ini. Implements part of issue 519_.
  Thanks, Stephen Finucane.

• Specifying both --source and --include no longer silently ignores the
  include setting, instead it fails with a message. Thanks, Nathan Land and
  Loïc Dachary. Closes issue 265_.

• The Coverage.combine method has a new parameter, strict=False, to
  support failing if there are no data files to combine.

• When forking subprocesses, the coverage data files would have the same random
  number appended to the file name. This didn't cause problems, because the
  file names had the process id also, making collisions (nearly) impossible.
  But it was disconcerting. This is now fixed.

• The text report now properly sizes headers when skipping some files, fixing
  issue 524_. Thanks, Anthony Sottile and Loïc Dachary.

• Coverage.py can now search .pex files for source, just as it can .zip and
  .egg. Thanks, Peter Ebden.

• Data files are now about 15% smaller.

• Improvements in the [run] debug setting:

• The "dataio" debug setting now also logs when data files are deleted during
  combining or erasing.

• A new debug option, "multiproc", for logging the behavior of
  concurrency=multiprocessing.

• If you used the debug options "config" and "callers" together, you'd get a
  call stack printed for every line in the multi-line config output. This is
  now fixed.

• Fixed an unusual bug involving multiple coding declarations affecting code
  containing code in multi-line strings: issue 529_.

• Coverage.py will no longer be misled into thinking that a plain file is a
  package when interpreting --source options. Thanks, Cosimo Lupo.

• If you try to run a non-Python file with coverage.py, you will now get a more
  useful error message. Issue 514_.

• The default pragma regex changed slightly, but this will only matter to you
  if you are deranged and use mixed-case pragmas.

• Deal properly with non-ASCII file names in an ASCII-only world, issue 533_.

• Programs that set Unicode configuration values could cause UnicodeErrors when
  generating HTML reports. Pytest-cov is one example. This is now fixed.

• Prevented deprecation warnings from configparser that happened in some
  circumstances, closing issue 530_.

• Corrected the name of the jquery.ba-throttle-debounce.js library. Thanks,
  Ben Finney. Closes issue 505_.

• Testing against PyPy 5.6 and PyPy3 5.5.

• Switched to pytest from nose for running the coverage.py tests.

• Renamed AUTHORS.txt to CONTRIBUTORS.txt, since there are other ways to
  contribute than by writing code. Also put the count of contributors into the
  author string in setup.py, though this might be too cute.

.. _sys.excepthook: https://docs.python.org/3/library/sys.htmlsys.excepthook
.. _issue 265: https://bitbucket.org/ned/coveragepy/issues/265/when-using-source-include-is-silently
.. _issue 412: https://bitbucket.org/ned/coveragepy/issues/412/coverage-combine-should-error-if-no
.. _issue 433: https://bitbucket.org/ned/coveragepy/issues/433/coverage-html-does-not-suport-skip-covered
.. _issue 493: https://bitbucket.org/ned/coveragepy/issues/493/confusing-branching-failure
.. _issue 496: https://bitbucket.org/ned/coveragepy/issues/496/incorrect-coverage-with-branching-and
.. _issue 502: https://bitbucket.org/ned/coveragepy/issues/502/incorrect-coverage-report-with-cover
.. _issue 505: https://bitbucket.org/ned/coveragepy/issues/505/use-canonical-filename-for-debounce
.. _issue 514: https://bitbucket.org/ned/coveragepy/issues/514/path-to-problem-file-not-reported-when
.. _issue 510: https://bitbucket.org/ned/coveragepy/issues/510/erase-still-needed-in-42
.. _issue 511: https://bitbucket.org/ned/coveragepy/issues/511/version-42-coverage-combine-empties
.. _issue 516: https://bitbucket.org/ned/coveragepy/issues/516/running-coverage-combine-twice-deletes-all
.. _issue 519: https://bitbucket.org/ned/coveragepy/issues/519/coverage-run-sections-in-toxini-or-as
.. _issue 524: https://bitbucket.org/ned/coveragepy/issues/524/coverage-report-with-skip-covered-column
.. _issue 525: https://bitbucket.org/ned/coveragepy/issues/525/coverage-combine-when-not-in-parallel-mode
.. _issue 529: https://bitbucket.org/ned/coveragepy/issues/529/encoding-marker-may-only-appear-on-the
.. _issue 530: https://bitbucket.org/ned/coveragepy/issues/530/deprecationwarning-you-passed-a-bytestring
.. _issue 533: https://bitbucket.org/ned/coveragepy/issues/533/exception-on-unencodable-file-name
.. _issue 535: https://bitbucket.org/ned/coveragepy/issues/535/sysexcepthook-is-not-called

.. _changes_42:

4.2

---

• Since concurrency=multiprocessing uses subprocesses, options specified on
  the coverage.py command line will not be communicated down to them. Only
  options in the configuration file will apply to the subprocesses.
  Previously, the options didn't apply to the subprocesses, but there was no
  indication. Now it is an error to use --concurrency=multiprocessing and
  other run-affecting options on the command line. This prevents
  failures like those reported in issue 495_.

• Filtering the HTML report is now faster, thanks to Ville Skyttä.

.. _issue 495: https://bitbucket.org/ned/coveragepy/issues/495/branch-and-concurrency-are-conflicting

4.2b1

---

Work from the PyCon 2016 Sprints!

• BACKWARD INCOMPATIBILITY: the coverage combine command now ignores an
  existing .coverage data file. It used to include that file in its
  combining. This caused confusing results, and extra tox "clean" steps. If
  you want the old behavior, use the new coverage combine --append option.

• The concurrency option can now take multiple values, to support programs
  using multiprocessing and another library such as eventlet. This is only
  possible in the configuration file, not from the command line. The
  configuration file is the only way for sub-processes to all run with the same
  options. Fixes issue 484_. Thanks to Josh Williams for prototyping.

• Using a concurrency setting of multiprocessing now implies
  --parallel so that the main program is measured similarly to the
  sub-processes.

• When using automatic subprocess measurement, running coverage commands
  would create spurious data files. This is now fixed, thanks to diagnosis and
  testing by Dan Riti. Closes issue 492.

• A new configuration option, report:sort, controls what column of the
  text report is used to sort the rows. Thanks to Dan Wandschneider, this
  closes issue 199_.

• The HTML report has a more-visible indicator for which column is being
  sorted. Closes issue 298_, thanks to Josh Williams.

• If the HTML report cannot find the source for a file, the message now
  suggests using the -i flag to allow the report to continue. Closes
  issue 231_, thanks, Nathan Land.

• When reports are ignoring errors, there's now a warning if a file cannot be
  parsed, rather than being silently ignored. Closes issue 396_. Thanks,
  Matthew Boehm.

• A new option for coverage debug is available: coverage debug config
  shows the current configuration. Closes issue 454_, thanks to Matthew
  Boehm.

• Running coverage as a module (python -m coverage) no longer shows the
  program name as __main__.py. Fixes issue 478_. Thanks, Scott Belden.

• The test_helpers module has been moved into a separate pip-installable
  package: unittest-mixins_.

.. _automatic subprocess measurement: http://coverage.readthedocs.io/en/latest/subprocess.html
.. _issue 199: https://bitbucket.org/ned/coveragepy/issues/199/add-a-way-to-sort-the-text-report
.. _issue 231: https://bitbucket.org/ned/coveragepy/issues/231/various-default-behavior-in-report-phase
.. _issue 298: https://bitbucket.org/ned/coveragepy/issues/298/show-in-html-report-that-the-columns-are
.. _issue 396: https://bitbucket.org/ned/coveragepy/issues/396/coverage-xml-shouldnt-bail-out-on-parse
.. _issue 454: https://bitbucket.org/ned/coveragepy/issues/454/coverage-debug-config-should-be
.. _issue 478: https://bitbucket.org/ned/coveragepy/issues/478/help-shows-silly-program-name-when-running
.. _issue 484: https://bitbucket.org/ned/coveragepy/issues/484/multiprocessing-greenlet-concurrency
.. _issue 492: https://bitbucket.org/ned/coveragepy/issues/492/subprocess-coverage-strange-detection-of
.. _unittest-mixins: https://pypi.python.org/pypi/unittest-mixins

.. _changes_41:

4.1

---

• The internal attribute Reporter.file_reporters was removed in 4.1b3. It
  should have come has no surprise that there were third-party tools out there
  using that attribute. It has been restored, but with a deprecation warning.

4.1b3

---

• When running your program, execution can jump from an except X: line to
  some other line when an exception other than X happens. This jump is no
  longer considered a branch when measuring branch coverage.

• When measuring branch coverage, yield statements that were never resumed
  were incorrectly marked as missing, as reported in issue 440_. This is now
  fixed.

• During branch coverage of single-line callables like lambdas and generator
  expressions, coverage.py can now distinguish between them never being called,
  or being called but not completed. Fixes issue 90, issue 460 and
  issue 475_.

• The HTML report now has a map of the file along the rightmost edge of the
  page, giving an overview of where the missed lines are. Thanks, Dmitry
  Shishov.

• The HTML report now uses different monospaced fonts, favoring Consolas over
  Courier. Along the way, issue 472_ about not properly handling one-space
  indents was fixed. The index page also has slightly different styling, to
  try to make the clickable detail pages more apparent.

• Missing branches reported with coverage report -m will now say ->exit
  for missed branches to the exit of a function, rather than a negative number.
  Fixes issue 469_.

• coverage --help and coverage --version now mention which tracer is
  installed, to help diagnose problems. The docs mention which features need
  the C extension. (issue 479_)

• Officially support PyPy 5.1, which required no changes, just updates to the
  docs.

• The Coverage.report function had two parameters with non-None defaults,
  which have been changed. show_missing used to default to True, but now
  defaults to None. If you had been calling Coverage.report without
  specifying show_missing, you'll need to explicitly set it to True to keep
  the same behavior. skip_covered used to default to False. It is now None,
  which doesn't change the behavior. This fixes issue 485_.

• It's never been possible to pass a namespace module to one of the analysis
  functions, but now at least we raise a more specific error message, rather
  than getting confused. (issue 456_)

• The coverage.process_startup function now returns the Coverage instance
  it creates, as suggested in issue 481_.

• Make a small tweak to how we compare threads, to avoid buggy custom
  comparison code in thread classes. (issue 245_)

.. _issue 90: https://bitbucket.org/ned/coveragepy/issues/90/lambda-expression-confuses-branch
.. _issue 245: https://bitbucket.org/ned/coveragepy/issues/245/change-solution-for-issue-164
.. _issue 440: https://bitbucket.org/ned/coveragepy/issues/440/yielded-twisted-failure-marked-as-missed
.. _issue 456: https://bitbucket.org/ned/coveragepy/issues/456/coverage-breaks-with-implicit-namespaces
.. _issue 460: https://bitbucket.org/ned/coveragepy/issues/460/confusing-html-report-for-certain-partial
.. _issue 469: https://bitbucket.org/ned/coveragepy/issues/469/strange-1-line-number-in-branch-coverage
.. _issue 472: https://bitbucket.org/ned/coveragepy/issues/472/html-report-indents-incorrectly-for-one
.. _issue 475: https://bitbucket.org/ned/coveragepy/issues/475/generator-expression-is-marked-as-not
.. _issue 479: https://bitbucket.org/ned/coveragepy/issues/479/clarify-the-need-for-the-c-extension
.. _issue 481: https://bitbucket.org/ned/coveragepy/issues/481/asyncioprocesspoolexecutor-tracing-not
.. _issue 485: https://bitbucket.org/ned/coveragepy/issues/485/coveragereport-ignores-show_missing-and

4.1b2

---

• Problems with the new branch measurement in 4.1 beta 1 were fixed:

• Class docstrings were considered executable. Now they no longer are.

• yield from and await were considered returns from functions, since
  they could tranfer control to the caller. This produced unhelpful "missing
  branch" reports in a number of circumstances. Now they no longer are
  considered returns.

• In unusual situations, a missing branch to a negative number was reported.
  This has been fixed, closing issue 466_.

• The XML report now produces correct package names for modules found in
  directories specified with source=. Fixes issue 465_.

• coverage report won't produce trailing whitespace.

.. _issue 465: https://bitbucket.org/ned/coveragepy/issues/465/coveragexml-produces-package-names-with-an
.. _issue 466: https://bitbucket.org/ned/coveragepy/issues/466/impossible-missed-branch-to-a-negative

4.1b1

---

• Branch analysis has been rewritten: it used to be based on bytecode, but now
  uses AST analysis. This has changed a number of things:

• More code paths are now considered runnable, especially in
  try/except structures. This may mean that coverage.py will
  identify more code paths as uncovered. This could either raise or lower
  your overall coverage number.

• Python 3.5's async and await keywords are properly supported,
  fixing issue 434_.

• Some long-standing branch coverage bugs were fixed:

• issue 129_: functions with only a docstring for a body would
  incorrectly report a missing branch on the def line.

• issue 212_: code in an except block could be incorrectly marked as
  a missing branch.

• issue 146_: context managers (with statements) in a loop or try
  block could confuse the branch measurement, reporting incorrect partial
  branches.

• issue 422_: in Python 3.5, an actual partial branch could be marked as
  complete.

• Pragmas to disable coverage measurement can now be used on decorator lines,
  and they will apply to the entire function or class being decorated. This
  implements the feature requested in issue 131_.

• Multiprocessing support is now available on Windows. Thanks, Rodrigue
  Cloutier.

• Files with two encoding declarations are properly supported, fixing
  issue 453_. Thanks, Max Linke.

• Non-ascii characters in regexes in the configuration file worked in 3.7, but
  stopped working in 4.0. Now they work again, closing issue 455_.

• Form-feed characters would prevent accurate determination of the beginning of
  statements in the rest of the file. This is now fixed, closing issue 461_.

.. _issue 129: https://bitbucket.org/ned/coveragepy/issues/129/misleading-branch-coverage-of-empty
.. _issue 131: https://bitbucket.org/ned/coveragepy/issues/131/pragma-on-a-decorator-line-should-affect
.. _issue 146: https://bitbucket.org/ned/coveragepy/issues/146/context-managers-confuse-branch-coverage
.. _issue 212: https://bitbucket.org/ned/coveragepy/issues/212/coverage-erroneously-reports-partial
.. _issue 422: https://bitbucket.org/ned/coveragepy/issues/422/python35-partial-branch-marked-as-fully
.. _issue 434: https://bitbucket.org/ned/coveragepy/issues/434/indexerror-in-python-35
.. _issue 453: https://bitbucket.org/ned/coveragepy/issues/453/source-code-encoding-can-only-be-specified
.. _issue 455: https://bitbucket.org/ned/coveragepy/issues/455/unusual-exclusions-stopped-working-in
.. _issue 461: https://bitbucket.org/ned/coveragepy/issues/461/multiline-asserts-need-too-many-pragma

.. _changes_403:

Flask 0.10.1 -> 0.12.2

0.12.2

---

Released on May 16 2017

• Fix a bug in safe_join on Windows.

0.12.1

---

Bugfix release, released on March 31st 2017

• Prevent flask run from showing a NoAppException when an ImportError occurs
  within the imported application module.
• Fix encoding behavior of app.config.from_pyfile for Python 3. Fix
  2118.
• Use the SERVER_NAME config if it is present as default values for
  app.run. 2109, 2152
• Call ctx.auto_pop with the exception object instead of None, in the
  event that a BaseException such as KeyboardInterrupt is raised in a
  request handler.

0.12

---

Released on December 21st 2016, codename Punsch.

• the cli command now responds to --version.
• Mimetype guessing and ETag generation for file-like objects in send_file
  has been removed, as per issue 104. See pull request 1849.
• Mimetype guessing in send_file now fails loudly and doesn't fall back to
  application/octet-stream. See pull request 1988.
• Make flask.safe_join able to join multiple paths like os.path.join
  (pull request 1730).
• Revert a behavior change that made the dev server crash instead of returning
  a Internal Server Error (pull request 2006).
• Correctly invoke response handlers for both regular request dispatching as
  well as error handlers.
• Disable logger propagation by default for the app logger.
• Add support for range requests in send_file.
• app.test_client includes preset default environment, which can now be
  directly set, instead of per client.get.

0.11.2

---

Bugfix release, unreleased

• Fix crash when running under PyPy3, see pull request 1814.

0.11.1

---

Bugfix release, released on June 7th 2016.

• Fixed a bug that prevented FLASK_APP=foobar/__init__.py from working. See
  pull request 1872.

0.11

---

Released on May 29th 2016, codename Absinthe.

• Added support to serializing top-level arrays to :func:flask.jsonify. This
  introduces a security risk in ancient browsers. See
  :ref:json-security for details.
• Added before_render_template signal.
• Added **kwargs to :meth:flask.Test.test_client to support passing
  additional keyword arguments to the constructor of
  :attr:flask.Flask.test_client_class.
• Added SESSION_REFRESH_EACH_REQUEST config key that controls the
  set-cookie behavior. If set to True a permanent session will be
  refreshed each request and get their lifetime extended, if set to
  False it will only be modified if the session actually modifies.
  Non permanent sessions are not affected by this and will always
  expire if the browser window closes.
• Made Flask support custom JSON mimetypes for incoming data.
• Added support for returning tuples in the form (response, headers)
  from a view function.
• Added :meth:flask.Config.from_json.
• Added :attr:flask.Flask.config_class.
• Added :meth:flask.Config.get_namespace.
• Templates are no longer automatically reloaded outside of debug mode. This
  can be configured with the new TEMPLATES_AUTO_RELOAD config key.
• Added a workaround for a limitation in Python 3.3's namespace loader.
• Added support for explicit root paths when using Python 3.3's namespace
  packages.
• Added :command:flask and the flask.cli module to start the local
  debug server through the click CLI system. This is recommended over the old
  flask.run() method as it works faster and more reliable due to a
  different design and also replaces Flask-Script.
• Error handlers that match specific classes are now checked first,
  thereby allowing catching exceptions that are subclasses of HTTP
  exceptions (in werkzeug.exceptions). This makes it possible
  for an extension author to create exceptions that will by default
  result in the HTTP error of their choosing, but may be caught with
  a custom error handler if desired.
• Added :meth:flask.Config.from_mapping.
• Flask will now log by default even if debug is disabled. The log format is
  now hardcoded but the default log handling can be disabled through the
  LOGGER_HANDLER_POLICY configuration key.
• Removed deprecated module functionality.
• Added the EXPLAIN_TEMPLATE_LOADING config flag which when enabled will
  instruct Flask to explain how it locates templates. This should help
  users debug when the wrong templates are loaded.
• Enforce blueprint handling in the order they were registered for template
  loading.
• Ported test suite to py.test.
• Deprecated request.json in favour of request.get_json().
• Add "pretty" and "compressed" separators definitions in jsonify() method.
  Reduces JSON response size when JSONIFY_PRETTYPRINT_REGULAR=False by removing
  unnecessary white space included by default after separators.
• JSON responses are now terminated with a newline character, because it is a
  convention that UNIX text files end with a newline and some clients don't
  deal well when this newline is missing. See
  Add JSONIFY_END_WITH_NEWLINE config variable pallets/flask#1262 -- this came up originally as a
  part of https://github.com/kennethreitz/httpbin/issues/168
• The automatically provided OPTIONS method is now correctly disabled if
  the user registered an overriding rule with the lowercase-version
  options (issue 1288).
• flask.json.jsonify now supports the datetime.date type (pull request
  1326).
• Don't leak exception info of already catched exceptions to context teardown
  handlers (pull request 1393).
• Allow custom Jinja environment subclasses (pull request 1422).
• flask.g now has pop() and setdefault methods.
• Turn on autoescape for flask.templating.render_template_string by default
  (pull request 1515).
• flask.ext is now deprecated (pull request 1484).
• send_from_directory now raises BadRequest if the filename is invalid on
  the server OS (pull request 1763).
• Added the JSONIFY_MIMETYPE configuration variable (pull request 1728).
• Exceptions during teardown handling will no longer leave bad application
  contexts lingering around.

0.10.2

---

(bugfix release, release date to be announced)

• Fixed broken test_appcontext_signals() test case.
• Raise an :exc:AttributeError in :func:flask.helpers.find_package with a
  useful message explaining why it is raised when a PEP 302 import hook is used
  without an is_package() method.
• Fixed an issue causing exceptions raised before entering a request or app
  context to be passed to teardown handlers.
• Fixed an issue with query parameters getting removed from requests in
  the test client when absolute URLs were requested.
• Made before_first_request into a decorator as intended.
• Fixed an etags bug when sending a file streams with a name.
• Fixed send_from_directory not expanding to the application root path
  correctly.
• Changed logic of before first request handlers to flip the flag after
  invoking. This will allow some uses that are potentially dangerous but
  should probably be permitted.
• Fixed Python 3 bug when a handler from app.url_build_error_handlers
  reraises the BuildError.

Flask-HTTPAuth 3.1.0 -> 3.2.3

3.2.2

• Validate authorization header in multi auth (51)

3.2.1

• Added __version__ to top-level package
• Added readme and license files to package

3.2.0

• Changed license to MIT
• Fix TCP Connection reset by peer error (39)

3.1.2

• Make password check more robust.

3.1.1

• MultiAuth class did not pass parameters to decorated function. (35)

Flask-RESTful 0.3.5 -> 0.3.6

0.3.6

---

Released May 31, 2017

• Argument.help now supports unicode strings (564)
• Flags can now be passed to inputs.regex (621)
• Fix behavior of action='append' in conjunction with location='json' (645)
• method_decorators can be a dict to apply decorator behavior for only specific HTTP methods (532)
• JSON keys are no longer sorted by default in debug mode in python3 (680)
• Various small fixes and updates to documentation

SQLAlchemy 1.0.12 -> 1.1.12

1.1.12

:released: July 24, 2017

.. change:: cache_order_sequence
:tags: feature, oracle, posgresql
:versions: 1.2.0b1

   Added new keywords :paramref:`.Sequence.cache` and
   :paramref:`.Sequence.order` to :class:`.Sequence`, to allow rendering
   of the CACHE parameter understood by Oracle and PostgreSQL, and the
   ORDER parameter understood by Oracle.  Pull request
   courtesy David Moore.

.. change:: 4033
:tags: bug, orm
🎟️ 4033
:versions: 1.2.0b2

   Fixed regression from 1.1.11 where adding additional non-entity
   columns to a query that includes an entity with subqueryload
   relationships would fail, due to an inspection added in 1.1.11 as a
   result of :ticket:`4011`.

.. change:: 4031
:tags: bug, orm
:versions: 1.2.0b2
🎟️ 4031

   Fixed bug involving JSON NULL evaluation logic added in 1.1 as part
   of :ticket:`3514` where the logic would not accommodate ORM
   mapped attributes named differently from the :class:`.Column`
   that was mapped.

.. change:: 4030
:tags: bug, orm
:versions: 1.2.0b2
🎟️ 4030

   Added ``KeyError`` checks to all methods within
   :class:`.WeakInstanceDict` where a check for ``key in dict`` is
   followed by indexed access to that key, to guard against a race against
   garbage collection that under load can remove the key from the dict
   after the code assumes its present, leading to very infrequent
   ``KeyError`` raises.

.. changelog::

1.1.11

:released: Monday, June 19, 2017

.. change:: 4012
:tags: bug, sql
🎟️ 4012
:versions: 1.2.0b1

   Fixed AttributeError which would occur in :class:`.WithinGroup`
   construct during an iteration of the structure.

.. change:: 4011
:tags: bug, orm
🎟️ 4011
:versions: 1.2.0b1

   Fixed issue with subquery eagerloading which continues on from
   the series of issues fixed in :ticket:`2699`, :ticket:`3106`,
   :ticket:`3893` involving that the "subquery" contains the correct
   FROM clause when beginning from a joined inheritance subclass
   and then subquery eager loading onto a relationship from
   the base class, while the query also includes criteria against
   the subclass. The fix in the previous tickets did not accommodate
   for additional subqueryload operations loading more deeply from
   the first level, so the fix has been further generalized.

.. change:: 4005
:tags: bug, postgresql
🎟️ 4005
:versions: 1.2.0b1

   Continuing with the fix that correctly handles Postgresql
   version string "10devel" released in 1.1.8, an additional regexp
   bump to handle version strings of the form "10beta1".   While
   Postgresql now offers better ways to get this information, we
   are sticking w/ the regexp at least through 1.1.x for the least
   amount of risk to compatibility w/ older or alternate Postgresql
   databases.

.. change:: 4006
:tags: bug, postgresql
🎟️ 4006
:versions: 1.2.0b1

   Fixed bug where using :class:`.ARRAY` with a string type that
   features a collation would fail to produce the correct syntax
   within CREATE TABLE.

.. change:: 4007
:tags: bug, mysql
🎟️ 4007
:versions: 1.2.0b1

   MySQL 5.7 has introduced permission limiting for the "SHOW VARIABLES"
   command; the MySQL dialect will now handle when SHOW returns no
   row, in particular for the initial fetch of SQL_MODE, and will
   emit a warning that user permissions should be modified to allow the
   row to be present.

.. change:: 3994
:tags: bug, mssql
🎟️ 3994
:versions: 1.2.0b1

   Fixed bug where SQL Server transaction isolation must be fetched
   from a different view when using Azure data warehouse, the query
   is now attempted against both views and then a NotImplemented
   is raised unconditionally if failure continues to provide the
   best resiliency against future arbitrary API changes in new
   SQL Server versions.

.. change:: 3997
:tags: bug, oracle
🎟️ 3997
:versions: 1.2.0b1

   Support for two-phase transactions has been removed entirely for
   cx_Oracle when version 6.0b1 or later of the DBAPI is in use.  The two-
   phase feature historically has never been usable under cx_Oracle 5.x in
   any case, and cx_Oracle 6.x has removed the connection-level "twophase"
   flag upon which this feature relied.

.. change:: 3973
:tags: bug, mssql
🎟️ 3973
:versions: 1.2.0b1

   Added a placeholder type :class:`.mssql.XML` to the SQL Server
   dialect, so that a reflected table which includes this type can
   be re-rendered as a CREATE TABLE.  The type has no special round-trip
   behavior nor does it currently support additional qualifying
   arguments.

.. changelog::

1.1.10

:released: Friday, May 19, 2017

.. change:: 3986
:tags: bug, orm
:versions: 1.2.0b1
🎟️ 3986

   Fixed bug where a cascade such as "delete-orphan" (but others as well)
   would fail to locate an object linked to a relationship that itself
   is local to a subclass in an inheritance relationship, thus causing
   the operation to not take place.

.. change:: 3975
:tags: bug, oracle
:versions: 1.2.0b1
🎟️ 3975

   Fixed bug in cx_Oracle dialect where version string parsing would
   fail for cx_Oracle version 6.0b1 due to the "b" character.  Version
   string parsing is now via a regexp rather than a simple split.

.. change:: 3949
:tags: bug, schema
:versions: 1.2.0b1
🎟️ 3949

   An :class:`.ArgumentError` is now raised if a
   :class:`.ForeignKeyConstraint` object is created with a mismatched
   number of "local" and "remote" columns, which otherwise causes the
   internal state of the constraint to be incorrect.   Note that this
   also impacts the condition where a dialect's reflection process
   produces a mismatched set of columns for a foreign key constraint.

.. change:: 3980
:tags: bug, ext
:versions: 1.2.0b1
🎟️ 3980

   Protected against testing "None" as a class in the case where
   declarative classes are being garbage collected and new
   automap prepare() operations are taking place concurrently, very
   infrequently hitting a weakref that has not been fully acted upon
   after gc.

.. change::
:tags: bug, postgresql
:versions: 1.2.0b1

   Added "autocommit" support for GRANT, REVOKE keywords.  Pull request
   courtesy Jacob Hayes.

.. change:: 3966
:tags: bug, mysql
:versions: 1.2.0b1
🎟️ 3966

   Removed an ancient and unnecessary intercept of the UTC_TIMESTAMP
   MySQL function, which was getting in the way of using it with a
   parameter.

.. change:: 3961
:tags: bug, mysql
:versions: 1.2.0b1
🎟️ 3961

   Fixed bug in MySQL dialect regarding rendering of table options in
   conjunction with PARTITION options when rendering CREATE TABLE.
   The PARTITION related options need to follow the table options,
   whereas previously this ordering was not enforced.

.. changelog::

1.1.9

:released: April 4, 2017

.. change:: 3956
:tags: bug, ext
🎟️ 3956

   Fixed regression released in 1.1.8 due to :ticket:`3950` where the
   deeper search for information about column types in the case of a
   "schema type" or a :class:`.TypeDecorator` would produce an attribute
   error if the mapping also contained a :obj:`.column_property`.

.. change:: 3952
:tags: bug, sql
:versions: 1.2.0b1
🎟️ 3952

   Fixed regression released in 1.1.5 due to :ticket:`3859` where
   adjustments to the "right-hand-side" evaluation of an expression
   based on :class:`.Variant` to honor the underlying type's
   "right-hand-side" rules caused the :class:`.Variant` type
   to be inappropriately lost, in those cases when we *do* want the
   left-hand side type to be transferred directly to the right hand side
   so that bind-level rules can be applied to the expression's argument.

.. change:: 3955
:tags: bug, sql, postgresql
:versions: 1.2.0b1
🎟️ 3955

   Changed the mechanics of :class:`.ResultProxy` to unconditionally
   delay the "autoclose" step until the :class:`.Connection` is done
   with the object; in the case where Postgresql ON CONFLICT with
   RETURNING returns no rows, autoclose was occurring in this previously
   non-existent use case, causing the usual autocommit behavior that
   occurs unconditionally upon INSERT/UPDATE/DELETE to fail.

.. changelog::

1.1.8

:released: March 31, 2017

.. change:: 3950
:tags: bug, ext
:versions: 1.2.0b1
🎟️ 3950

   Fixed bug in :mod:`sqlalchemy.ext.mutable` where the
   :meth:`.Mutable.as_mutable` method would not track a type that had
   been copied using :meth:`.TypeEngine.copy`.  This became more of
   a regression in 1.1 compared to 1.0 because the :class:`.TypeDecorator`
   class is now a subclass of :class:`.SchemaEventTarget`, which among
   other things indicates to the parent :class:`.Column` that the type
   should be copied when the :class:`.Column` is.  These copies are
   common when using declarative with mixins or abstract classes.

.. change::
:tags: bug, ext
:versions: 1.2.0b1

   Added support for bound parameters, e.g. those normally set up
   via :meth:`.Query.params`, to the :meth:`.baked.Result.count`
   method.  Previously, support for parameters were omitted. Pull request
   courtesy Pat Deegan.

.. change::
:tags: bug, postgresql
:versions: 1.2.0b1

   Added support for parsing the Postgresql version string for
   a development version like "PostgreSQL 10devel".  Pull request
   courtesy Sean McCully.

.. changelog::

1.1.7

:released: March 27, 2017

.. change::
:tags: feature, orm
🎟️ 3933
:versions: 1.2.0b1

   An :func:`.aliased()` construct can now be passed to the
   :meth:`.Query.select_entity_from` method.   Entities will be pulled
   from the selectable represented by the :func:`.aliased` construct.
   This allows special options for :func:`.aliased` such as
   :paramref:`.aliased.adapt_on_names` to be used in conjunction with
   :meth:`.Query.select_entity_from`.

.. change::
:tags: bug, engine
🎟️ 3946
:versions: 1.2.0b1

   Added an exception handler that will warn for the "cause" exception on
   Py2K when the "autorollback" feature of :class:`.Connection` itself
   raises an exception. In Py3K, the two exceptions are naturally reported
   by the interpreter as one occurring during the handling of the other.
   This is continuing with the series of changes for rollback failure
   handling that were last visited as part of :ticket:`2696` in 1.0.12.

.. change::
:tags: bug, orm
🎟️ 3947
:versions: 1.2.0b1

   Fixed a race condition which could occur under threaded environments
   as a result of the caching added via :ticket:`3915`.   An internal
   collection of ``Column`` objects could be regenerated on an alias
   object inappropriately, confusing a joined eager loader when it
   attempts to render SQL and collect results and resulting in an
   attribute error.   The collection is now generated up front before
   the alias object is cached and shared among threads.

.. change::
:tags: bug, sql, postgresql
🎟️ 2892

   Added support for the :class:`.Variant` and the :class:`.SchemaType`
   objects to be compatible with each other.  That is, a variant
   can be created against a type like :class:`.Enum`, and the instructions
   to create constraints and/or database-specific type objects will
   propagate correctly as per the variant's dialect mapping.

.. change::
:tags: bug, sql
🎟️ 3931

   Fixed bug in compiler where the string identifier of a savepoint would
   be cached in the identifier quoting dictionary; as these identifiers
   are arbitrary, a small memory leak could occur if a single
   :class:`.Connection` had an unbounded number of savepoints used,
   as well as if the savepoint clause constructs were used directly
   with an unbounded umber of savepoint names.   The memory leak does
   **not** impact the vast majority of cases as normally the
   :class:`.Connection`, which renders savepoint names with a simple
   counter starting at "1", is used on a per-transaction or
   per-fixed-number-of-transactions basis before being discarded.

.. change::
:tags: bug, sql
🎟️ 3924

   Fixed bug in new "schema translate" feature where the translated schema
   name would be invoked in terms of an alias name when rendered along
   with a column expression; occurred only when the source translate
   name was "None".   The "schema translate" feature now only takes
   effect for :class:`.SchemaItem` and :class:`.SchemaType` subclasses,
   that is, objects that correspond to a DDL-creatable structure in
   a database.

.. changelog::

1.1.6

:released: February 28, 2017

.. change::
:tags: bug, mysql

   Added new MySQL 8.0 reserved words to the MySQL dialect for proper
   quoting.  Pull request courtesy Hanno Schlichting.

.. change:: 3915
:tags: bug, orm
🎟️ 3915

   Addressed some long unattended performance concerns within the joined
   eager loader query construction system that have accumulated since
   earlier versions as a result of increased abstraction. The use of ad-
   hoc :class:`.AliasedClass` objects per query, which produces lots of
   column lookup overhead each time, has been replaced with a cached
   approach that makes use of a small pool of :class:`.AliasedClass`
   objects that are reused between invocations of joined eager loading.
   Some mechanics involving eager join path construction have also been
   optimized.   Callcounts for an end-to-end query construction + single
   row fetch test with a worst-case joined loader scenario have been
   reduced by about 60% vs. 1.1.5 and 42% vs. that of 0.8.6.

.. change:: 3804
:tags: bug, postgresql
🎟️ 3804

   Added regular expressions for the "IMPORT FOREIGN SCHEMA",
   "REFRESH MATERIALIZED VIEW" Postgresql statements so that they
   autocommit when invoked via a connection or engine without
   an explicit transaction.  Pull requests courtesy Frazer McLean
   and Paweł Stiasny.

.. change:: 3909
:tags: bug, orm
🎟️ 3909

   Fixed a major inefficiency in the "eager_defaults" feature whereby
   an unnecessary SELECT would be emitted for column values where the
   ORM had explicitly inserted NULL, corresponding to attributes that
   were unset on the object but did not have any server default
   specified, as well as expired attributes on update that nevertheless
   had no server onupdate set up.   As these columns are not part of the
   RETURNING that eager_defaults tries to use, they should not be
   post-SELECTed either.

.. change:: 3908
:tags: bug, orm
🎟️ 3908

   Fixed two closely related bugs involving the mapper eager_defaults
   flag in conjunction with single-table inheritance; one where the
   eager defaults logic would inadvertently try to access a column
   that's part of the mapper's "exclude_properties" list (used by
   Declarative with single table inheritance) during the eager defaults
   fetch, and the other where the full load of the row in order to
   fetch the defaults would fail to use the correct inheriting mapper.

.. change:: 3905
:tags: bug, sql
🎟️ 3905

   Fixed bug whereby the :meth:`.DDLEvents.column_reflect` event would not
   allow a non-textual expression to be passed as the value of the
   "default" for the new column, such as a :class:`.FetchedValue`
   object to indicate a generic triggered default or a
   :func:`.sql.expression.text` construct.  Clarified the documentation
   in this regard as well.

.. change:: 3901
:tags: bug, ext
🎟️ 3901

   Fixed bug in new :mod:`sqlalchemy.ext.indexable` extension
   where setting of a property that itself refers to another property
   would fail.

.. change:: 3900
:tags: bug, postgresql
🎟️ 3900

   Fixed bug in Postgresql :class:`.ExcludeConstraint` where the
   "whereclause" and "using" parameters would not be copied during an
   operation like :meth:`.Table.tometadata`.

.. change:: 3898
:tags: bug, mssql
🎟️ 3898

   Added a version check to the "get_isolation_level" feature, which is
   invoked upon first connect, so that it skips for SQL Server version
   2000, as the necessary system view is not available prior to SQL Server
   2005.

.. change:: 3897
:tags: feature, ext
🎟️ 3896

   Added :meth:`.baked.Result.scalar` and :meth:`.baked.Result.count`
   to the "baked" query system.

.. change:: 3895
:tags: bug, orm, declarative
🎟️ 3895

   Fixed bug where the "automatic exclude" feature of declarative that
   ensures a column local to a single table inheritance subclass does
   not appear as an attribute on other derivations of the base would
   not take effect for multiple levels of subclassing from the base.

.. change:: 3893
:tags: bug, orm
🎟️ 3893

   Fixed bug first introduced in 0.9.7 as a result of :ticket:`3106`
   which would cause an incorrect query in some forms of multi-level
   subqueryload against aliased entities, with an unnecessary extra
   FROM entity in the innermost subquery.

.. changelog::

1.1.5

:released: January 17, 2017

.. change:: mysql_index_prefix
:tags: feature, mysql

   Added a new parameter ``mysql_prefix`` supported by the :class:`.Index`
   construct, allows specification of MySQL-specific prefixes such as
   "FULLTEXT". Pull request courtesy Joseph Schorr.

.. change:: 3854
:tags: bug, orm
🎟️ 3854

   Fixed bug in subquery loading where an object encountered as an
   "existing" row, e.g. already loaded from a different path in the
   same query, would not invoke subquery loaders for unloaded attributes
   that specified this loading.  This issue is in the same area
   as that of :ticket:`3431`, :ticket:`3811` which involved
   similar issues with joined loading.

.. change:: 3888
:tags: bug, postgresql
🎟️ 3888

   Fixed bug in new "ON CONFLICT DO UPDATE" feature where the "set"
   values for the UPDATE clause would not be subject to type-level
   processing, as normally takes effect to handle both user-defined
   type level conversions as well as dialect-required conversions, such
   as those required for JSON datatypes.   Additionally, clarified that
   the keys in the set_ dictionary should match the "key" of the column,
   if distinct from the column name.  A warning is emitted
   for remaining column names that don't match column keys; for
   compatibility reasons, these are emitted as they were previously.

.. change:: 3872
:tags: bug, examples
🎟️ 3872

   Fixed two issues with the versioned_history example, one is that
   the history table now gets autoincrement=False to avoid 1.1's new
   errors regarding composite primary keys with autoincrement; the other
   is that the sqlite_autoincrement flag is now used to ensure on SQLite,
   unique identifiers are used for the lifespan of a table even if
   some rows are deleted.  Pull request courtesy Carlos García Montoro.

.. change:: 3882
:tags: bug, sql
:tikets: 3882

   Fixed bug originally introduced in 0.9 via :ticket:`1068` where
   order_by(<some Label()>) would order by the label name based on name
   alone, that is, even if the labeled expression were not at all the same
   expression otherwise present, implicitly or explicitly, in the
   selectable.  The logic that orders by label now ensures that the
   labeled expression is related to the one that resolves to that name
   before ordering by the label name; additionally, the name has to
   resolve to an actual label explicit in the expression elsewhere, not
   just a column name.  This logic is carefully kept separate from the
   order by(textual name) feature that has a slightly different purpose.

.. change:: try_finally_for_noautoflush
:tags: bug, orm

   The :attr:`.Session.no_autoflush` context manager now ensures that
   the autoflush flag is reset within a "finally" block, so that if
   an exception is raised within the block, the state still resets
   appropriately.  Pull request courtesy Emin Arakelian.

.. change:: 3878
:tags: bug, sql
🎟️ 3878

   Fixed 1.1 regression where "import *" would not work for
   sqlalchemy.sql.expression, due to mis-spelled "any_" and "all_"
   functions.

.. change:: 3880
:tags: bg, sql
🎟️ 3880

   Fixed bug where literal_binds compiler flag was not honored by the
   :class:`.Insert` construct for the "multiple values" feature; the
   subsequent values are now rendered as literals.

.. change:: 3877
:tags: bug, oracle, postgresql
🎟️ 3877

   Fixed bug where an INSERT from SELECT where the source table contains
   an autoincrementing Sequence would fail to compile correctly.

.. change:: 3876
:tags: bug, mssql
🎟️ 3876

   Fixed bug where SQL Server dialects would attempt to select the
   last row identity for an INSERT from SELECT, failing in the case when
   the SELECT has no rows.  For such a statement,
   the inline flag is set to True indicating no last primary key
   should be fetched.

.. change:: 3875
:tags: bug, oracle
🎟️ 3875

   Fixed bug where the "COMPRESSION" keyword was used in the ALL_TABLES
   query on Oracle 9.2; even though Oracle docs state table compression
   was introduced in 9i, the actual column is not present until
   10.1.

.. change:: 3874
:tags: bug, orm
🎟️ 3874

   Fixed bug where the single-table inheritance query criteria would not
   be inserted into the query in the case that the :class:`.Bundle`
   construct were used as the selection criteria.

.. change:: repr_for_url_reflect
:tags: bug, sql

   The engine URL embedded in the exception for "could not reflect"
   in :meth:`.MetaData.reflect` now conceals the password; also
   the ``__repr__`` for :class:`.TLEngine` now acts like that of
   :class:`.Engine`, concealing the URL password.  Pull request courtesy
   Valery Yundin.

.. change:: 3867
:tags: bug, mysql
🎟️ 3867

   The MySQL dialect now will not warn when a reflected column has a
   "COMMENT" keyword on it, but note however the comment is not yet
   reflected; this is on the roadmap for a future release.  Pull request
   courtesy Lele Long.

.. change:: pg_timestamp_zero_prec
:tags: bug, postgresql

   The :class:`.postgresql.TIME` and :class:`.postgresql.TIMESTAMP`
   datatypes now support a setting of zero for "precision"; previously
   a zero would be ignored.  Pull request courtesy Ionuț Ciocîrlan.

.. change:: 3861
:tags: bug, engine
🎟️ 3861

   The "extend_existing" option of :class:`.Table` reflection would
   cause indexes and constraints to be doubled up in the case that the parameter
   were used with :meth:`.MetaData.reflect` (as the automap extension does)
   due to tables being reflected both within the foreign key path as well
   as directly.  A new de-duplicating set is passed through within the
   :meth:`.MetaData.reflect` sequence to prevent double reflection in this
   way.

.. change:: 3859
:tags: bug, sql
🎟️ 3859

   Fixed issue in :class:`.Variant` where the "right hand coercion" logic,
   inherited from :class:`.TypeDecorator`, would
   coerce the right-hand side into the :class:`.Variant` itself, rather than
   what the default type for the :class:`.Variant` would do.   In the
   case of :class:`.Variant`, we want the type to act mostly like the base
   type so the default logic of :class:`.TypeDecorator` is now overridden
   to fall back to the underlying wrapped type's logic.   Is mostly relevant
   for JSON at the moment.

.. change:: 3856
:tags: bug, orm
🎟️ 3856

   Fixed bug related to :ticket:`3177`, where a UNION or other set operation