Merge pull request #3904 from pallets/update-project

update project files

.github/ISSUE_TEMPLATE.md

@@ -1,29 +0,0 @@
-<!-- **This issue tracker is a tool to address bugs in Flask itself.
-Please use the Pallets Discord or Stack Overflow for general questions
-about using Flask or issues not related to Flask.** -->
-
-<!-- If you'd like to report a bug in Flask, fill out the template below. Provide
-any extra information that may be useful / related to your problem.
-Ideally, create an [MCVE](https://stackoverflow.com/help/mcve), which helps us
-understand the problem and helps check that it is not caused by something in
-your code. -->
-
-### Expected Behavior
-<!-- Tell us what should happen. -->
-
-```python
-# Paste a minimal example that causes the problem.
-```
-
-### Actual Behavior
-<!-- Tell us what happens instead. -->
-
-```pytb
-Paste the full traceback if there was an exception.
-```
-
-### Environment
-
-* Python version:
-* Flask version:
-* Werkzeug version:

.github/ISSUE_TEMPLATE/bug-report.md

@@ -0,0 +1,27 @@
+---
+name: Bug report
+about: Report a bug in Flask (not other projects which depend on Flask)
+---
+
+<!--
+This issue tracker is a tool to address bugs in Flask itself. Please use
+Pallets Discord or Stack Overflow for questions about your own code.
+
+Replace this comment with a clear outline of what the bug is.
+-->
+
+<!--
+Describe how to replicate the bug.
+
+Include a minimal reproducible example that demonstrates the bug.
+Include the full traceback if there was an exception.
+-->
+
+<!--
+Describe the expected behavior that should have happened but didn't.
+-->
+
+Environment:
+
+- Python version:
+- Flask version:

.github/ISSUE_TEMPLATE/config.yml

@@ -0,0 +1,11 @@
+blank_issues_enabled: false
+contact_links:
+  - name: Security issue
+    url: security@palletsprojects.com
+    about: Do not report security issues publicly. Email our security contact.
+  - name: Questions
+    url: https://stackoverflow.com/questions/tagged/flask?tab=Frequent
+    about: Search for and ask questions about your code on Stack Overflow.
+  - name: Questions and discussions
+    url: https://discord.gg/pallets
+    about: Discuss questions about your code on our Discord chat.

.github/ISSUE_TEMPLATE/feature-request.md

@@ -0,0 +1,15 @@
+---
+name: Feature request
+about: Suggest a new feature for Flask
+---
+
+<!--
+Replace this comment with a description of what the feature should do.
+Include details such as links relevant specs or previous discussions.
+-->
+
+<!--
+Replace this comment with an example of the problem which this feature
+would resolve. Is this problem solvable without changes to Flask, such
+as by subclassing or using an extension?
+-->

.github/PULL_REQUEST_TEMPLATE.md

@@ -1,16 +0,0 @@
-Describe what this patch does to fix the issue.
-
-Link to any relevant issues or pull requests.
-
-<!--
-Commit checklist:
-
-* add tests that fail without the patch
-* ensure all tests pass with ``pytest``
-* add documentation to the relevant docstrings or pages
-* add ``versionadded`` or ``versionchanged`` directives to relevant docstrings
-* add a changelog entry if this patch changes code
-
-Tests, coverage, and docs will be run automatically when you submit the pull
-request, but running them yourself can save time.
--->

.github/SECURITY.md

@@ -0,0 +1,19 @@
+# Security Policy
+
+If you believe you have identified a security issue with a Pallets
+project, **do not open a public issue**. To responsibly report a
+security issue, please email security@palletsprojects.com. A security
+team member will contact you acknowledging the report and how to
+continue.
+
+Be sure to include as much detail as necessary in your report. As with
+reporting normal issues, a minimal reproducible example will help the
+maintainers address the issue faster. If you are able, you may also
+include a fix for the issue generated with `git format-patch`.
+
+The current and previous release will receive security patches, with
+older versions evaluated based on usage information and severity.
+
+After fixing an issue, we will make a security release along with an
+announcement on our blog. We may obtain a CVE id as well. You may
+include a name and link if you would like to be credited for the report.

.github/pull_request_template.md

@@ -0,0 +1,30 @@
+<!--
+Before opening a PR, open a ticket describing the issue or feature the
+PR will address. Follow the steps in CONTRIBUTING.rst.
+
+Replace this comment with a description of the change. Describe how it
+addresses the linked ticket.
+-->
+
+<!--
+Link to relevant issues or previous PRs, one per line. Use "fixes" to
+automatically close an issue.
+-->
+
+- fixes #<issue number>
+
+<!--
+Ensure each step in CONTRIBUTING.rst is complete by adding an "x" to
+each box below.
+
+If only docs were changed, these aren't relevant and can be removed.
+-->
+
+Checklist:
+
+- [ ] Add tests that demonstrate the correct behavior of the change. Tests should fail without the change.
+- [ ] Add or update relevant docs, in the docs folder and in code.
+- [ ] Add an entry in `CHANGES.rst` summarizing the change and linking to the issue.
+- [ ] Add `.. versionchanged::` entries in any relevant code docs.
+- [ ] Run `pre-commit` hooks and fix any issues.
+- [ ] Run `pytest` and `tox`, no tests failed.

.github/workflows/tests.yaml

@@ -42,14 +42,5 @@ jobs:
         with:
           path: ${{ steps.pip-cache.outputs.dir }}
           key: pip|${{ runner.os }}|${{ matrix.python }}|${{ hashFiles('setup.py') }}|${{ hashFiles('requirements/*.txt') }}
-      - name: set full Python version in PY env var
-        # See https://pre-commit.com/#github-actions-example
-        run: echo "PY=$(python -VV | sha256sum | cut -d' ' -f1)" >> $GITHUB_ENV
-      - name: cache pre-commit
-        uses: actions/cache@v2
-        with:
-          path: ~/.cache/pre-commit
-          key: pre-commit|${{ env.PY }}|${{ hashFiles('.pre-commit-config.yaml') }}
-        if: matrix.tox == 'style'
       - run: pip install tox
       - run: tox -e ${{ matrix.tox }}

CONTRIBUTING.rst

@@ -7,19 +7,19 @@ Thank you for considering contributing to Flask!
 Support questions
 -----------------
 
-Please, don't use the issue tracker for this. The issue tracker is a
-tool to address bugs and feature requests in Flask itself. Use one of
-the following resources for questions about using Flask or issues with
-your own code:
+Please don't use the issue tracker for this. The issue tracker is a tool
+to address bugs and feature requests in Flask itself. Use one of the
+following resources for questions about using Flask or issues with your
+own code:
 
 -   The ``#get-help`` channel on our Discord chat:
     https://discord.gg/pallets
 -   The mailing list flask@python.org for long term discussion or larger
     issues.
 -   Ask on `Stack Overflow`_. Search with Google first using:
-    ``site:stackoverflow.com python flask {search term, exception message, etc.}``
+    ``site:stackoverflow.com flask {search term, exception message, etc.}``
 
-.. _Stack Overflow: https://stackoverflow.com/questions/tagged/flask?sort=linked
+.. _Stack Overflow: https://stackoverflow.com/questions/tagged/flask?tab=Frequent
 
 
 Reporting issues
@@ -33,9 +33,9 @@ Include the following information in your post:
     your own code.
 -   Describe what actually happened. Include the full traceback if there
     was an exception.
--   List your Python, Flask, and Werkzeug versions. If possible, check
-    if this issue is already fixed in the latest releases or the latest
-    code in the repository.
+-   List your Python and Flask versions. If possible, check if this
+    issue is already fixed in the latest releases or the latest code in
+    the repository.
 
 .. _minimal reproducible example: https://stackoverflow.com/help/minimal-reproducible-example
 
@@ -98,7 +98,7 @@ First time setup
 
     .. tabs::
 
-       .. group-tab:: macOS/Linux
+       .. group-tab:: Linux/macOS
 
           .. code-block:: text
 
@@ -112,11 +112,12 @@ First time setup
              > py -3 -m venv env
              > env\Scripts\activate
 
--   Install Flask in editable mode with development dependencies.
+-   Install the development dependencies, then install Flask in editable
+    mode.
 
     .. code-block:: text
 
-        $ pip install -e . -r requirements/dev.txt
+        $ pip install -r requirements/dev.txt && pip install -e .
 
 -   Install the pre-commit hooks.
 
@@ -125,11 +126,11 @@ First time setup
         $ pre-commit install
 
 .. _latest version of git: https://git-scm.com/downloads
-.. _username: https://help.github.com/en/articles/setting-your-username-in-git
-.. _email: https://help.github.com/en/articles/setting-your-commit-email-address-in-git
+.. _username: https://docs.github.com/en/github/using-git/setting-your-username-in-git
+.. _email: https://docs.github.com/en/github/setting-up-and-managing-your-github-user-account/setting-your-commit-email-address
 .. _GitHub account: https://github.com/join
-.. _Fork: https://github.com/pallets/flask/fork
-.. _Clone: https://help.github.com/en/articles/fork-a-repo#step-2-create-a-local-clone-of-your-fork
+.. _Fork: https://github.com/pallets/jinja/fork
+.. _Clone: https://docs.github.com/en/github/getting-started-with-github/fork-a-repo#step-2-create-a-local-clone-of-your-fork
 
 
 Start coding
@@ -165,7 +166,7 @@ Start coding
         $ git push --set-upstream fork your-branch-name
 
 .. _committing as you go: https://dont-be-afraid-to-commit.readthedocs.io/en/latest/git/commandlinegit.html#commit-your-changes
-.. _create a pull request: https://help.github.com/en/articles/creating-a-pull-request
+.. _create a pull request: https://docs.github.com/en/github/collaborating-with-issues-and-pull-requests/creating-a-pull-request
 
 
 Running the tests

requirements/dev.txt

@@ -8,17 +8,17 @@ alabaster==0.7.12
     # via sphinx
 appdirs==1.4.4
     # via virtualenv
-attrs==20.2.0
+attrs==20.3.0
     # via pytest
-babel==2.8.0
+babel==2.9.0
     # via sphinx
 blinker==1.4
     # via -r requirements/tests.in
-certifi==2020.6.20
+certifi==2020.12.5
     # via requests
 cfgv==3.2.0
     # via pre-commit
-chardet==3.0.4
+chardet==4.0.0
     # via requests
 click==7.1.2
     # via pip-tools
@@ -32,7 +32,7 @@ filelock==3.0.12
     #   virtualenv
 greenlet==1.0.0
     # via -r requirements/tests.in
-identify==1.5.6
+identify==1.5.13
     # via pre-commit
 idna==2.10
     # via requests
@@ -61,13 +61,13 @@ pluggy==0.13.1
     # via
     #   pytest
     #   tox
-pre-commit==2.10.0
+pre-commit==2.10.1
     # via -r requirements/dev.in
-py==1.9.0
+py==1.10.0
     # via
     #   pytest
     #   tox
-pygments==2.7.2
+pygments==2.7.4
     # via
     #   sphinx
     #   sphinx-tabs
@@ -77,21 +77,21 @@ pytest==6.2.2
     # via -r requirements/tests.in
 python-dotenv==0.15.0
     # via -r requirements/tests.in
-pytz==2020.1
+pytz==2021.1
     # via babel
-pyyaml==5.3.1
+pyyaml==5.4.1
     # via pre-commit
-requests==2.24.0
+requests==2.25.1
     # via sphinx
 six==1.15.0
     # via
     #   tox
     #   virtualenv
-snowballstemmer==2.0.0
+snowballstemmer==2.1.0
     # via sphinx
 sphinx-issues==1.2.0
     # via -r requirements/docs.in
-sphinx-tabs==2.0.0
+sphinx-tabs==2.0.1
     # via -r requirements/docs.in
 sphinx==3.4.3
     # via
@@ -119,11 +119,11 @@ toml==0.10.2
     #   pre-commit
     #   pytest
     #   tox
-tox==3.21.3
+tox==3.21.4
     # via -r requirements/dev.in
-urllib3==1.25.11
+urllib3==1.26.3
     # via requests
-virtualenv==20.1.0
+virtualenv==20.4.2
     # via
     #   pre-commit
     #   tox

requirements/docs.txt

@@ -6,11 +6,11 @@
 #
 alabaster==0.7.12
     # via sphinx
-babel==2.8.0
+babel==2.9.0
     # via sphinx
-certifi==2020.6.20
+certifi==2020.12.5
     # via requests
-chardet==3.0.4
+chardet==4.0.0
     # via requests
 docutils==0.16
     # via sphinx
@@ -29,21 +29,21 @@ packaging==20.9
     #   sphinx
 pallets-sphinx-themes==1.2.3
     # via -r requirements/docs.in
-pygments==2.7.2
+pygments==2.7.4
     # via
     #   sphinx
     #   sphinx-tabs
 pyparsing==2.4.7
     # via packaging
-pytz==2020.1
+pytz==2021.1
     # via babel
-requests==2.24.0
+requests==2.25.1
     # via sphinx
-snowballstemmer==2.0.0
+snowballstemmer==2.1.0
     # via sphinx
 sphinx-issues==1.2.0
     # via -r requirements/docs.in
-sphinx-tabs==2.0.0
+sphinx-tabs==2.0.1
     # via -r requirements/docs.in
 sphinx==3.4.3
     # via
@@ -66,7 +66,7 @@ sphinxcontrib-qthelp==1.0.3
     # via sphinx
 sphinxcontrib-serializinghtml==1.1.4
     # via sphinx
-urllib3==1.25.11
+urllib3==1.26.3
     # via requests
 
 # The following packages are considered to be unsafe in a requirements file:

requirements/tests.txt

@@ -4,7 +4,7 @@
 #
 #    pip-compile requirements/tests.in
 #
-attrs==20.2.0
+attrs==20.3.0
     # via pytest
 blinker==1.4
     # via -r requirements/tests.in
@@ -16,7 +16,7 @@ packaging==20.9
     # via pytest
 pluggy==0.13.1
     # via pytest
-py==1.9.0
+py==1.10.0
     # via pytest
 pyparsing==2.4.7
     # via packaging

tox.ini

@@ -15,11 +15,9 @@ deps =
     https://github.com/pallets/itsdangerous/archive/master.tar.gz
     https://github.com/pallets/click/archive/master.tar.gz
 
-commands =
-    pip install -q -e examples/tutorial[test]
-    pip install -q -e examples/javascript[test]
-
-    pytest --tb=short --basetemp={envtmpdir} {posargs:tests examples}
+    examples/tutorial[test]
+    examples/javascript[test]
+commands = pytest -v --tb=short --basetemp={envtmpdir} {posargs:tests examples}
 
 [testenv:style]
 deps = pre-commit