orbit-oss/flask
4
4
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5469 commits 4 branches 69 tags 37 MiB
Commit graph

395 commits

Author SHA1 Message Date
David Lord
22d924701a
release version 3.1.3 2026-02-18 19:41:55 -08:00
David Lord
c17f379390
request context tracks session access 2026-02-18 19:02:54 -08:00
David Lord
27be933840
start version 3.1.3 2026-02-18 14:52:52 -08:00
David Lord
2c1b30d050
release version 3.1.2 2025-08-19 13:57:47 -07:00
David Lord
d8259eb119
use Jinja name consistently 2025-08-19 10:43:16 -07:00
David Lord
9822a03515
refactor stream_with_context for async views 2025-08-19 08:18:55 -07:00
Tero Vuotila
d44f1c6523
relax type hint for bytes io 2025-08-18 10:22:59 -07:00
David Lord
53b8f08218
push preserved contexts in correct order 2025-08-18 09:45:56 -07:00
David Lord
5addaf833b
start version 3.1.2 2025-08-18 09:42:21 -07:00
David Lord
bbaf13333f
fix syntax 2025-05-13 08:09:39 -07:00
David Lord
7fff56f517
release version 3.1.1 2025-05-13 07:51:12 -07:00
James Addison
fb54159861
secret key rotation: fix key list ordering 
The `itsdangerous` serializer interface[1] expects keys to be
provided with the oldest key at index zero and the active signing key
at the end of the list.

We document[2] that `SECRET_KEY_FALLBACKS` should be configured with
the most recent first (at index zero), so to achieve the expected
behaviour, those should be inserted in reverse-order at the head of
the list.

[1] - https://itsdangerous.palletsprojects.com/en/stable/serializer/#itsdangerous.serializer.Serializer

[2] - https://flask.palletsprojects.com/en/stable/config/#SECRET_KEY_FALLBACKS
 2025-05-12 18:30:27 -07:00
CoolCat467
410e5ab7ed
Accept AsyncIterable for responses 2025-03-30 13:14:25 -07:00
David Lord
bfffe87d4c
add ghsa links 2025-03-29 15:57:16 -07:00
George Waters
da60039486
Handle help arg by itself the same as no args 
When the 'flask' command is used with only the '--help' parameter, this
change will make sure to try and load the app before the help callback
is run. This was previously only being done when the 'flask' command was
used by itself. This meant when passing in '--help', any custom commands
were not getting shown in the help message. With this change, custom
commands will be included in the help message when running 'flask' on
the command line by itself or with the '--help' parameter.
 2025-03-29 15:13:23 -07:00
kurtatter
54c3f87af9
fix type hint for cli_runner.invoke 2024-11-23 17:50:40 -08:00
David Lord
dcbe86bd15
start version 3.1.1 2024-11-23 16:01:16 -08:00
David Lord
ab81496641
release version 3.1.0 2024-11-13 10:20:07 -08:00
David Lord
4f7156f2c3
configure and check trusted_hosts 2024-11-12 21:01:55 -08:00
David Lord
4995a775df
fix subdomain_matching=False behavior 2024-11-12 08:58:08 -08:00
David Lord
470e2b8d17
update min blinker version 2024-11-08 09:48:59 -08:00
David Lord
e13373f838
enable secret key rotation 2024-11-08 08:09:01 -08:00
David Lord
2c31603042
update env file precedence 2024-11-07 11:54:29 -08:00
David Lord
9efc1ebeeb
add SESSION_COOKIE_PARTITIONED config 
co-authored-by: Jose Cespedes <josecespedes@ibm.com>
 2024-11-01 16:24:15 -07:00
David Lord
c7a53888a1
add config and docs for limits 2024-11-01 13:17:53 -07:00
David Lord
8f37c82f61
update min dependencies 2024-10-31 13:11:06 -07:00
David Lord
1d610e44b3
drop support for Python 3.8 2024-10-31 12:30:53 -07:00
David Lord
2778b7c23f
Merge branch 'stable' 2024-10-24 13:28:57 -07:00
David Lord
9b5549313e
Merge branch '3.0.x' 2024-10-23 13:45:17 -07:00
Catarina Bressan
74721b48f0 Fix the issue link in the Flask 3.0.1 Changelog in the send_file argument type entry 2024-10-22 17:32:02 -03:00
David Lord
c5a5576522
update CHANGES.rst 2024-10-18 10:03:49 -07:00
Grey Li
e63ead4208 Fix typo in the changelog 2024-09-24 08:54:01 +08:00
David Lord
28d5a4d718
add encoding parameter to open_resource 
co-authored-by: mark <lopkophacked@protonmail.com>
 2024-07-10 19:14:06 -07:00
pgjones
d718ecf6d3 Provide a configuration option to control automatic option responses 
By default Flask will provide responses to OPTIONS requests that are
automatically generated. These responses list the valid methods in the
response headers. Whilst this is useful, it can be frowned on by
auditors hence an ability to disable it wholesale is useful.
 2024-06-07 19:04:18 +00:00
David Lord
19610a9e46
start version 3.1.0 2024-04-07 12:29:49 -07:00
David Lord
c12a5d874c
release version 3.0.3 2024-04-07 12:17:41 -07:00
pgjones
5fdce4c331
Don't set the cli attribute in the sansio scaffold 
It is (currently) Flask specific and hence cannot be shared in the
sansio shared code.
 2024-04-07 12:13:02 -07:00
David Lord
db461112c7
access sha1 lazily 2024-04-07 11:41:13 -07:00
David Lord
7320e311a0
start version 3.0.3 2024-04-07 11:22:02 -07:00
David Lord
d2030595dc
release version 3.0.2 2024-02-03 12:54:41 -08:00
Tony Huang
1af8f95785
fix super call in list comprehension 2024-02-03 12:36:06 -08:00
Cody Scott
ecc057dd48
fix jinja_loader annotation 2024-02-03 12:14:38 -08:00
David Lord
3207af8827
start version 3.0.2 2024-02-03 09:41:38 -08:00
David Lord
f622b1cade
release version 3.0.1 2024-01-18 11:57:33 -08:00
David Lord
6000e80acf
address mypy strict findings 2024-01-16 10:11:13 -08:00
David Lord
700fc7d928
untag without object_hook 2024-01-15 07:49:02 -08:00
lizard
1d5abfadd7
Fixing issue 5342: 'The double quote is missing in the string' 2023-12-13 15:05:03 -08:00
Daniel Isaac
4104f29956
type hint fix for flask.send_file 2023-11-15 12:53:22 -08:00
David Lord
66743d4f9d
start version 3.0.1 2023-11-15 12:50:46 -08:00
pgjones
14232513fd Release version 3.0.0 2023-09-30 15:37:24 +01:00