Bump the python-packages group across 1 directory with 46 updates

[dependabot]

Bumps the python-packages group with 46 updates in the / directory:

Package	From	To
attrs	22.2.0	24.3.0
black	24.3.0	24.10.0
blinker	1.7.0	1.9.0
brotli	1.0.9	1.1.0
certifi	2024.7.4	2024.12.14
cffi	1.15.1	1.17.1
charset-normalizer	3.1.0	3.4.0
exceptiongroup	1.1.1	1.2.2
flask	2.3.2	3.1.0
flask-minify	0.42	0.48
flask-sqlalchemy	3.0.5	3.1.1
fonttools	4.43.0	4.55.3
frozen-flask	1.0.1	1.0.2
gunicorn	22.0.0	23.0.0
idna	3.7	3.10
itsdangerous	2.1.2	2.2.0
jinja2	3.1.3	3.1.4
lxml	4.9.2	5.3.0
markupsafe	2.1.3	3.0.2
outcome	1.2.0	1.3.0.post0
packaging	23.0	24.2
pathspec	0.11.1	0.12.1
pillow	10.3.0	11.0.0
platformdirs	3.11.0	4.3.6
psycopg2-binary	2.9.6	2.9.10
pycparser	2.21	2.22
pydyf	0.5.0	0.11.0
pyphen	0.13.2	0.17.0
python-dotenv	1.0.0	1.0.1
pytz	2023.3	2024.2
rcssmin	1.1.2	1.2.0
requests	2.32.2	2.32.3
selenium	4.8.2	4.27.1
six	1.16.0	1.17.0
splinter	0.19.0	0.21.0
sqlalchemy	2.0.18	2.0.36
sqlalchemy-cockroachdb	2.0.1	2.0.2
tinycss2	1.2.1	1.4.0
tomli	2.0.1	2.2.1
trio	0.22.0	0.27.0
typing-extensions	4.5.0	4.12.2
urllib3	1.26.19	2.2.3
weasyprint	58.1	63.1
werkzeug	2.3.8	3.1.3
xxhash	3.2.0	3.5.0
zopfli	0.2.2	0.2.3.post1

Updates attrs from 22.2.0 to 24.3.0

Commits

• See full diff in compare view

Updates black from 24.3.0 to 24.10.0

Release notes

Sourced from black's releases.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

24.8.0

Stable style

• Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

• Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

• Fix regression where Black failed to parse a multiline f-string containing another multiline string (#4339)

... (truncated)

Changelog

Sourced from black's changelog.

24.10.0

Highlights

• Black is now officially tested with Python 3.13 and provides Python 3.13 mypyc-compiled wheels. (#4436) (#4449)
• Black will issue an error when used with Python 3.12.5, due to an upstream memory safety issue in Python 3.12.5 that can cause Black's AST safety checks to fail. Please use Python 3.12.6 or Python 3.12.4 instead. (#4447)
• Black no longer supports running with Python 3.8 (#4452)

Stable style

• Fix crashes involving comments in parenthesised return types or X | Y style unions. (#4453)
• Fix skipping Jupyter cells with unknown %% magic (#4462)

Preview style

• Fix type annotation spacing between * and more complex type variable tuple (i.e. def fn(*args: *tuple[*Ts, T]) -> None: pass) (#4440)

Caching

• Fix bug where the cache was shared between runs with and without --unstable (#4466)

Packaging

• Upgrade version of mypyc used to 1.12 beta (#4450) (#4449)
• blackd now requires a newer version of aiohttp. (#4451)

Output

• Added Python target version information on parse error (#4378)
• Add information about Black version to internal error messages (#4457)

24.8.0

Stable style

• Fix crash when # fmt: off is used before a closing parenthesis or bracket. (#4363)

Packaging

• Packaging metadata updated: docs are explictly linked, the issue tracker is now also linked. This improves the PyPI listing for Black. (#4345)

Parser

• Fix regression where Black failed to parse a multiline f-string containing another

... (truncated)

Commits

• 1b2427a Prepare release 24.10.0 (#4471)
• a22b1eb Add mypyc 3.13 wheel build (#4449)
• b7d0e72 Bump AndreMiras/coveralls-python-action from 65c1672f0b8a201702d86c81b79187df...
• f1a2f92 Include --unstable in cache key (#4466)
• 8d9d18c Fix skipping Jupyter cells with unknown %% magic (#4462)
• bbfdba3 Fix docs CI: use venv for uv to fix 'failed to create directory' (#4460)
• 8fb2add Use builtin generics (#4458)
• 2a45cec Fix crashes with comments in parentheses (#4453)
• b4d6d86 Drop Python 3.8 support (#4452)
• ac018c1 Require newer aiohttp for blackd (#4451)
• Additional commits viewable in compare view

Updates blinker from 1.7.0 to 1.9.0

Release notes

Sourced from blinker's releases.

1.9.0

This is the Blinker 1.9.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

PyPI: https://pypi.org/project/blinker/1.9.0/ Changes: https://blinker.readthedocs.io/en/stable/#version-1-9-0 Milestone: https://github.com/pallets-eco/blinker/milestone/1?closed=1

• Drop support for Python 3.8. #175
• Remove previously deprecated __version__, receiver_connected, Signal.temporarily_connected_to and WeakNamespace. #172
• Skip weakref signal cleanup if the interpreter is shutting down. #173

1.8.2

This is the Blinker 1.8.2 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/blinker/1.8.2/ Changes: https://blinker.readthedocs.io/en/latest/#version-1-8-2

• Simplify type for _async_wrapper and _sync_wrapper arguments. #156

1.8.1

This is the Blinker 1.8.1 fix release, which fixes bugs but does not otherwise change behavior and should not result in breaking changes.

PyPI: https://pypi.org/project/blinker/1.8.1/ Changes: https://blinker.readthedocs.io/en/latest/#version-1-8-1

• Restore identity handling for str and int senders. #148
• Fix deprecated blinker.base.WeakNamespace import. #149
• Fix deprecated blinker.base.receiver_connected import. #153
• Use types from collections.abc instead of typing. #150
• Fully specify exported types as reported by pyright. #152

1.8.0

This is the Blinker 1.8.0 feature release, which may include new features, remove previously deprecated code, or add new deprecations. The 1.8.x line is now the supported fix branch, support has ended for the 1.7.x line. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

PyPI: https://pypi.org/project/blinker/1.8.0/ Changes: https://blinker.readthedocs.io/en/latest/#version-1-8-0

• Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("blinker"), instead. #128
• Specify that the deprecated temporarily_connected_to will be removed in the next version.
• Show a deprecation warning for the deprecated global receiver_connected signal and specify that it will be removed in the next version.
• Show a deprecation warning for the deprecated WeakNamespace and specify that it will be removed in the next version.
• Greatly simplify how the library uses weakrefs. This is a significant change internally but should not affect any public API. #144
• Expose the namespace used by signal() as default_namespace. #145

Changelog

Sourced from blinker's changelog.

Version 1.9.0

Released 2024-11-08

• Drop support for Python 3.8. :pr:175
• Remove previously deprecated __version__, receiver_connected, Signal.temporarily_connected_to and WeakNamespace. :pr:172
• Skip weakref signal cleanup if the interpreter is shutting down. :issue:173

Version 1.8.2

Released 2024-05-06

• Simplify type for _async_wrapper and _sync_wrapper arguments. :pr:156

Version 1.8.1

Released 2024-04-28

• Restore identity handling for str and int senders. :pr:148
• Fix deprecated blinker.base.WeakNamespace import. :pr:149
• Fix deprecated blinker.base.receiver_connected import. :pr:153
• Use types from collections.abc instead of typing. :pr:150
• Fully specify exported types as reported by pyright. :pr:152

Version 1.8.0

Released 2024-04-27

• Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("blinker"), instead. :issue:128
• Specify that the deprecated temporarily_connected_to will be removed in the next version.
• Show a deprecation warning for the deprecated global receiver_connected signal and specify that it will be removed in the next version.
• Show a deprecation warning for the deprecated WeakNamespace and specify that it will be removed in the next version.
• Greatly simplify how the library uses weakrefs. This is a significant change internally but should not affect any public API. :pr:144
• Expose the namespace used by signal() as default_namespace. :pr:145

Commits

• 669f3a0 release version 1.9.0
• cfe116f try disabling attestions on test pypi
• 16e4bd7 Merge pull request #174 from projectgus/bugfix/weakref_disconnect_shutdown
• 42561fd Fix "Exception ignored" in weakref callback during interpreter shutdown.
• dcce3e9 Merge pull request #175 from pallets-eco/drop-python3.8
• efa95ea drop support for python 3.8
• 8230518 update dev dependencies
• 94f1202 update dev dependencies
• 8c983ec remove previously deprecated code (#172)
• f5915f3 set up pre-commit lite workflow
• Additional commits viewable in compare view

Updates brotli from 1.0.9 to 1.1.0

Release notes

Sourced from brotli's releases.

v1.1.0

Added

• decoder: BrotliDecoderAttachDictionary
• decoder: BrotliDecoderOnFinish callback behind BROTLI_REPORTING
• decoder: BrotliDecoderSetMetadataCallbacks
• encoder: BrotliEncoderPrepareDictionary, BrotliEncoderDestroyPreparedDictionary, BrotliEncoderAttachPreparedDictionary
• decoder: BrotliEncoderOnFinish callback behind BROTLI_REPORTING
• common: BrotliSharedDictionaryCreateInstance, BrotliSharedDictionaryDestroyInstance, BrotliSharedDictionaryAttach
• CLI: --dictionary option
• java: encoder wrapper: Parameters.mode
• java: Brotli{Input|Output}Stream.attachDictionary
• java: wrapper: partial byte array input
• typescript: decoder (transpiled from Java)

Removed

• build: BROTLI_BUILD_PORTABLE option

Fixed

• java: JNI decoder failed sometimes on power of 2 payloads

Improved

• java / js: smaller decoder footprint
• decoder: faster decoding
• encoder: faster encoding
• encoder: smaller stack frames

v1.1.0rc

Added

• decoder: BrotliDecoderAttachDictionary
• decoder: BrotliDecoderOnFinish callback behind BROTLI_REPORTING
• decoder: BrotliDecoderSetMetadataCallbacks
• encoder: BrotliEncoderPrepareDictionary, BrotliEncoderDestroyPreparedDictionary, BrotliEncoderAttachPreparedDictionary
• decoder: BrotliEncoderOnFinish callback behind BROTLI_REPORTING
• common: BrotliSharedDictionaryCreateInstance, BrotliSharedDictionaryDestroyInstance, BrotliSharedDictionaryAttach
• CLI: --dictionary option
• java: encoder wrapper: Parameters.mode
• java: Brotli{Input|Output}Stream.attachDictionary
• java: wrapper: partial byte array input
• typescript: decoder (transpiled from Java)

Removed

• build: BROTLI_BUILD_PORTABLE option

... (truncated)

Changelog

Sourced from brotli's changelog.

[1.1.0] - 2023-08-28

Added

• decoder: BrotliDecoderAttachDictionary
• decoder: BrotliDecoderOnFinish callback behind BROTLI_REPORTING
• decoder: BrotliDecoderSetMetadataCallbacks
• encoder: BrotliEncoderPrepareDictionary, BrotliEncoderDestroyPreparedDictionary, BrotliEncoderAttachPreparedDictionary
• decoder: BrotliEncoderOnFinish callback behind BROTLI_REPORTING
• common: BrotliSharedDictionaryCreateInstance, BrotliSharedDictionaryDestroyInstance, BrotliSharedDictionaryAttach
• CLI: --dictionary option
• java: encoder wrapper: Parameters.mode
• java: Brotli{Input|Output}Stream.attachDictionary
• java: wrapper: partial byte array input
• typescript: decoder (transpiled from Java)

Removed

• build: BROTLI_BUILD_PORTABLE option

Fixed

• java: JNI decoder failed sometimes on power of 2 payloads

Improved

• java / js: smaller decoder footprint
• decoder: faster decoding
• encoder: faster encoding
• encoder: smaller stack frames

Commits

• ed738e8 more sophisticated golang TestEncoderFlush
• e7313b0 tune memory manager for BROTLI_EXPERIMENTAL
• c1bd196 comb HAVE_UTIMENSAT definition
• 2a5a088 more tuning for BROTLI_EXPERIMENTAL + clean-on-oom
• feb6d8b prepare for 1.1.0rc
• 3ebb2d3 Move serialized dictionary feature behind the flag.
• 0f2157c Update comment; fixes #1061
• 9ff341d Replace TS strict_checks with source-level suppressions.
• 8c79230 reduce amount of padding in decoder structs
• a560089 speedup q5-9 on large files
• Additional commits viewable in compare view

Updates certifi from 2024.7.4 to 2024.12.14

Commits

• 4ba3900 2024.12.14 (#329)
• 9164660 Bump pypa/gh-action-pypi-publish from 1.12.2 to 1.12.3 (#331)
• 3dc3651 Bump pypa/gh-action-pypi-publish from 1.11.0 to 1.12.2 (#328)
• c5bf18d Bump pypa/gh-action-pypi-publish from 1.10.3 to 1.11.0 (#327)
• b908391 Bump actions/setup-python from 5.2.0 to 5.3.0 (#326)
• bc26b41 Bump actions/checkout from 4.2.1 to 4.2.2 (#325)
• 57afc22 Bump actions/upload-artifact from 4.4.1 to 4.4.3 (#323)
• a495091 test against 3.13 final
• 62f8144 Added 3.13 classifier (#322)
• 94d23a0 Bump pypa/gh-action-pypi-publish from 1.10.2 to 1.10.3 (#321)
• Additional commits viewable in compare view

Updates cffi from 1.15.1 to 1.17.1

Release notes

Sourced from cffi's releases.

v1.17.1

• Fix failing distutils.msvc9compiler imports under Windows (#118).
• ffibuilder.emit_python_code() and ffibuiler.emit_c_code() accept file-like objects (#115).
• ffiplatform calls are bypassed by ffibuilder.emit_python_code() and ffibuilder.emit_c_code() (#81).

Full Changelog: python-cffi/cffi@v1.17.0...v1.17.1

v1.17.0

• Add support for Python 3.13.
  • Free-threaded CPython builds (i.e. python3.13t and the 3.13t ABI) are not currently supported.
• In API mode, when you get a function from a C library by writing fn = lib.myfunc, you get an object of a special type for performance reasons, instead of a <cdata 'C-function-type'>. Before version 1.17 you could only call such objects. You could write ffi.addressof(lib, "myfunc") in order to get a real <cdata> object, based on the idea that in these cases in C you'd usually write &myfunc instead of myfunc. In version 1.17, the special object lib.myfunc can now be passed in many places where CFFI expects a regular <cdata> object. For example, you can now pass it as a callback to a C function call, or write it inside a C structure field of the correct pointer-to-function type, or use ffi.cast() or ffi.typeof() on it.

Full Changelog: python-cffi/cffi@v1.16.0...v1.17.0

v1.17.0rc1

• Add support for Python 3.13.
• In API mode, when you get a function from a C library by writing fn = lib.myfunc, you get an object of a special type for performance reasons, instead of a object. For example, you can now pass it as a callback to a C function call, or write it inside a C structure field of the correct pointer-to-function type, or use ffi.cast() or ffi.typeof() on it.
• Build wheels for musllinux aarch64.

v1.16.0

• Add support for Python 3.12. With the removal of distutils from Python 3.12, projects using CFFI features that depend on distutils at runtime must add a dependency on setuptools to function under Python 3.12+. CFFI does not declare a runtime setuptools requirement to avoid an unnecessary dependency for projects that do not require it.
• Drop support for end-of-life Python versions (2.7, 3.6, 3.7).
• Add support for PEP517 builds; setuptools is now a required build dependency.
• Declare python_requires metadata for Python 3.8+. This allows unsupported Pythons to continue using previously released sdists and wheels.
• Move project source under src/; a more standard layout that also enables CI to more easily catch packaging errors.

v1.16.0rc2

• Fix packaging issue in v1.16.0rc1.
• Rearrange project sources (src/ layout) so packaging tests can properly detect similar issues in the future.

Full Changelog: python-cffi/cffi@v1.16.0rc1...v1.16.0rc2

... (truncated)

Commits

• 38bd6be release 1.17.1
• ba10180 update whatsnew.rst for 1.17.1 (#121)
• 61deb5f add yet another flag to recompile() to avoid calling ffiplatform (#81)
• 1c292c1 Handle distutils without distutils.msvc9compiler.MSVCCompiler class (#118)
• 182ffc4 Allow writing generated code to a file-like object. (#115)
• 74731f9 Release 1.17.0 (#108)
• 181fa00 1.17.0rc1 release (#80)
• 772528e Add 3.13 to trove classifiers (#72)
• e36042d 1.17.0b1 prep (#79)
• 39bdab2 avoid null-pointer-subtraction error (#78)
• Additional commits viewable in compare view

Updates charset-normalizer from 3.1.0 to 3.4.0

Release notes

Sourced from charset-normalizer's releases.

Version 3.4.0

🚀 charset-normalizer is raising awareness around HTTP/2, and HTTP/3!

Did you know that Internet Explorer 11 shipped with an optional HTTP/2 support back in 2013? also libcurl did ship it in 2014[...] All of this while our community is still struggling to make a firm advancement in HTTP clients. Now, many of you use Requests as the defacto http client, now, and for many years now, Requests has been frozen. Being left in a vegetative state and not evolving, this blocked millions of developers from using more advanced features.

We promptly invite Python developers to look at the drop-in replacement for Requests, namely Niquests. It leverage charset-normalizer in a better way! Check it out, you will be positively surprised! Don't wait another decade.

We are thankful to @​microsoft and involved parties for funding our work through the Microsoft FOSS Fund program.

3.4.0 (2024-10-08)

Added

• Argument --no-preemptive in the CLI to prevent the detector to search for hints.
• Support for Python 3.13 (#512)

Fixed

• Relax the TypeError exception thrown when trying to compare a CharsetMatch with anything else than a CharsetMatch.
• Improved the general reliability of the detector based on user feedbacks. (#520) (#509) (#498) (#407) (#537)
• Declared charset in content (preemptive detection) not changed when converting to utf-8 bytes. (#381)

Version 3.3.2

3.3.2 (2023-10-31)

Fixed

• Unintentional memory usage regression when using large payloads that match several encodings (#376)
• Regression on some detection cases showcased in the documentation (#371)

Added

• Noise (md) probe that identifies malformed Arabic representation due to the presence of letters in isolated form (credit to my wife, thanks!)

Version 3.3.1

3.3.1 (2023-10-22)

Changed

• Optional mypyc compilation upgraded to version 1.6.1 for Python >= 3.8
• Improved the general detection reliability based on reports from the community

Release 3.3.0

3.3.0 (2023-09-30)

Added

• Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
• Support for 9 forgotten encodings that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

... (truncated)

Changelog

Sourced from charset-normalizer's changelog.

3.4.0 (2024-10-08)

Added

• Argument --no-preemptive in the CLI to prevent the detector to search for hints.
• Support for Python 3.13 (#512)

Fixed

• Relax the TypeError exception thrown when trying to compare a CharsetMatch with anything else than a CharsetMatch.
• Improved the general reliability of the detector based on user feedbacks. (#520) (#509) (#498) (#407) (#537)
• Declared charset in content (preemptive detection) not changed when converting to utf-8 bytes. (#381)

3.3.2 (2023-10-31)

Fixed

• Unintentional memory usage regression when using large payload that match several encoding (#376)
• Regression on some detection case showcased in the documentation (#371)

Added

• Noise (md) probe that identify malformed arabic representation due to the presence of letters in isolated form (credit to my wife)

3.3.1 (2023-10-22)

Changed

• Optional mypyc compilation upgraded to version 1.6.1 for Python >= 3.8
• Improved the general detection reliability based on reports from the community

3.3.0 (2023-09-30)

Added

• Allow to execute the CLI (e.g. normalizer) through python -m charset_normalizer.cli or python -m charset_normalizer
• Support for 9 forgotten encoding that are supported by Python but unlisted in encoding.aliases as they have no alias (#323)

Removed

• (internal) Redundant utils.is_ascii function and unused function is_private_use_only
• (internal) charset_normalizer.assets is moved inside charset_normalizer.constant

Changed

• (internal) Unicode code blocks in constants are updated using the latest v15.0.0 definition to improve detection
• Optional mypyc compilation upgraded to version 1.5.1 for Python >= 3.8

Fixed

• Unable to properly sort CharsetMatch when both chaos/noise and coherence were close due to an unreachable condition in __lt__ (#350)

3.2.0 (2023-06-07)

Changed

• Typehint for function from_path no longer enforce PathLike as its first argument
• Minor improvement over the global detection reliability

Added

... (truncated)

Commits

• f3118e3 🔧 change download/upload artifact version to last working version
• 33e67e8 🔧 set compile-generator in generator_generic_slsa3 action
• 73dd24c 🔧 add explicit build deps to setuptools
• 78f1e9b 🔧 attempt to fix cd.yml *3
• 56ae702 🔧 attempt to fix cd.yml *2
• 9720055 🔧 attempt to fix cd.yml (macos part)
• 1e10d06 Update CHANGELOG.md
• 36c103a 🔖 Release 3.4.0 (#545)
• 7658dfc ⬆️ Bump github/codeql-action from 3.26.11 to 3.26.12 (#544)
• ca2535d ⬆️ Bump github/codeql-action from 3.26.9 to 3.26.11 (#542)
• Additional commits viewable in compare view

Updates exceptiongroup from 1.1.1 to 1.2.2

Release notes

Sourced from exceptiongroup's releases.

1.2.2

• Removed an assert in exceptiongroup._formatting that caused compatibility issues with Sentry (#123)

1.2.1

• Updated the copying of __notes__ to match CPython behavior (PR by CF Bolz-Tereick)
• Corrected the type annotation of the exception handler callback to accept a BaseExceptionGroup instead of BaseException
• Fixed type errors on Python < 3.10 and the type annotation of suppress() (PR by John Litborn)

1.2.0

• Added special monkeypatching if Apport has overridden sys.excepthook so it will format exception groups correctly (PR by John Litborn)
• Added a backport of contextlib.suppress() from Python 3.12.1 which also handles suppressing exceptions inside exception groups
• Fixed bare raise in a handler reraising the original naked exception rather than an exception group which is what is raised when you do a raise in an except* handler

Changelog

Sourced from exceptiongroup's changelog.

Version history

This library adheres to Semantic Versioning 2.0 <http://semver.org/>_.

1.2.2

• Removed an assert in exceptiongroup._formatting that caused compatibility issues with Sentry ([#123](https://github.com/agronholm/exceptiongroup/issues/123) <https://github.com/agronholm/exceptiongroup/issues/123>_)

1.2.1

• Updated the copying of __notes__ to match CPython behavior (PR by CF Bolz-Tereick)
• Corrected the type annotation of the exception handler callback to accept a BaseExceptionGroup instead of BaseException
• Fixed type errors on Python < 3.10 and the type annotation of suppress() (PR by John Litborn)

1.2.0

• Added special monkeypatching if Apport <https://github.com/canonical/apport>_ has overridden sys.excepthook so it will format exception groups correctly (PR by John Litborn)
• Added a backport of contextlib.suppress() from Python 3.12.1 which also handles suppressing exceptions inside exception groups
• Fixed bare raise in a handler reraising the original naked exception rather than an exception group which is what is raised when you do a raise in an except* handler

1.1.3

• catch() now raises a TypeError if passed an async exception handler instead of just giving a RuntimeWarning about the coroutine never being awaited. (#66, PR by John Litborn)
• Fixed plain raise statement in an exception handler callback to work like a raise in an except* block
• Fixed new exception group not being chained to the original exception when raising an exception group from exceptions raised in handler callbacks
• Fixed type annotations of the derive(), subgroup() and split() methods to match the ones in typeshed

1.1.2

• Changed handling of exceptions in exception group handler callbacks to not wrap a single exception in an exception group, as per CPython issue 103590 <https://github.com/python/cpython/issues/103590>_

1.1.1

• Worked around

... (truncated)

Commits

• 2399d54 Added the release version
• bec9651 Removed problematic assert that caused compatibility issues
• f3f0ff6 Updated Ruff configuration
• bb43ee0 Fixed formatting tests failing on Python 3.13
• eb8fbbc [pre-commit.ci] pre-commit autoupdate (#129)
• 6ff8300 [pre-commit.ci] pre-commit autoupdate (#128)
• 761933f [pre-commit.ci] pre-commit autoupdate (#127)
• 1b43294 [pre-commit.ci] pre-commit autoupdate (#125)
• dd87018 [pre-commit.ci] pre-commit autoupdate (#124)
• 54d8b8d [pre-commit.ci] pre-commit autoupdate (#121)
• Additional commits viewable in compare view

Updates flask from 2.3.2 to 3.1.0

Release notes

Sourced from flask's releases.

3.1.0

This is the Flask 3.1.0 feature release. A feature release may include new features, remove previously deprecated code, add new deprecations, or introduce potentially breaking changes. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

PyPI: https://pypi.org/project/Flask/3.1.0/ Changes: https://flask.palletsprojects.com/en/stable/changes/#version-3-1-0 Milestone: https://github.com/pallets/flask/milestone/33?closed=1

• Drop support for Python 3.8. #5623
• Update minimum dependency versions to latest feature releases. Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9. #5624, #5633
• Provide a configuration option to control automatic option responses. #5496
• Flask.open_resource/open_instance_resource and Blueprint.open_resource take an encoding parameter to use when opening in text mode. It defaults to utf-8. #5504
• Request.max_content_length can be customized per-request instead of only through the MAX_CONTENT_LENGTH config. Added MAX_FORM_MEMORY_SIZE and MAX_FORM_PARTS config. Added documentation about resource limits to the security page. #5625
• Add support for the Partitioned cookie attribute (CHIPS), with the SESSION_COOKIE_PARTITIONED config. #5472
• -e path takes precedence over default .env and .flaskenv files. load_dotenv loads default files in addition to a path unless load_defaults=False is passed. #5628
• Support key rotation with the SECRET_KEY_FALLBACKS config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. #5621
• Fix how setting host_matching=True or subdomain_matching=False interacts with SERVER_NAME. Setting SERVER_NAME no longer restricts requests to only that domain. #5553
• Request.trusted_hosts is checked during routing, and can be set through the TRUSTED_HOSTS config. #5636

3.0.3

This is a fix release for the 3.0.x feature branch.

PyPI: https://pypi.org/project/Flask/3.0.3/ Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-3 Milestone: https://github.com/pallets/flask/milestone/35?closed=1

• The default hashlib.sha1 may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default. #5448
• Don't initialize the cli attribute in the sansio scaffold, but rather in the Flask concrete class. #5270

3.0.2

This is a fix release for the 3.0.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3.0.2
• Milestone: https://github.com/pallets/flask/milestone/34?closed=1
• PyPI: https://pypi.org/project/Flask/3.0.2/

3.0.1

This is a fix release for the 3.0.x feature release branch.

Fixes an issue where using other JSON providers, such as flask-orjson, previously caused loaded session data to have an incorrect format in some cases.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-1
• Milestone: https://github.com/pallets/flask/milestone/32?closed=1
• PyPI: https://pypi.org/project/Flask/3.0.1/

3.0.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 3.0.x branch is now the supported fix branch, the 2.3.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0
• Milestone: https://github.com/pallets/flask/milestone/20?closed=1

... (truncated)

Changelog

Sourced from flask's changelog.

Version 3.1.0

Released 2024-11-13

• Drop support for Python 3.8. :pr:5623
• Update minimum dependency versions to latest feature releases. Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9. :pr:5624,5633
• Provide a configuration option to control automatic option responses. :pr:5496
• Flask.open_resource/open_instance_resource and Blueprint.open_resource take an encoding parameter to use when opening in text mode. It defaults to utf-8. :issue:5504
• Request.max_content_length can be customized per-request instead of only through the MAX_CONTENT_LENGTH config. Added MAX_FORM_MEMORY_SIZE and MAX_FORM_PARTS config. Added documentation about resource limits to the security page. :issue:5625
• Add support for the Partitioned cookie attribute (CHIPS), with the SESSION_COOKIE_PARTITIONED config. :issue:5472
• -e path takes precedence over default .env and .flaskenv files. load_dotenv loads default files in addition to a path unless load_defaults=False is passed. :issue:5628
• Support key rotation with the SECRET_KEY_FALLBACKS config, a list of old secret keys that can still be used for unsigning. Extensions will need to add support. :issue:5621
• Fix how setting host_matching=True or subdomain_matching=False interacts with SERVER_NAME. Setting SERVER_NAME no longer restricts requests to only that domain. :issue:5553
• Request.trusted_hosts is checked during routing, and can be set through the TRUSTED_HOSTS config. :issue:5636

Version 3.0.3

Released 2024-04-07

• The default hashlib.sha1 may not be available in FIPS builds. Don't access it at import time so the developer has time to change the default. :issue:5448
• Don't initialize the cli attribute in the sansio scaffold, but rather in the Flask concrete class. :pr:5270

Version 3.0.2

Released 2024-02-03

• Correct type for jinja_loader property. :issue:5388

... (truncated)

Commits

• ab81496 release version 3.1.0
• 70602a1 remove test pypi
• 6748a09 update dev dependencies
• 22c48a7 Merge remote-tracking branch 'origin/stable'
• 2eab96a use generic bases for session (#5638)
• f49dbfd use generic bases for session
• 7b21d43 configure and check request.trusted_hosts (#5637)
• 4...

  Description has been truncated

[netlify]

❌ Deploy Preview for shyparty failed. Why did it fail? →

Name	Link
🔨 Latest commit	8e06559
🔍 Latest deploy log	https://app.netlify.com/sites/shyparty/deploys/6761b564c0c12900080fbb37

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.