orbit-oss/flask
4
4
Fork 2
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
5441 commits 4 branches 69 tags 37 MiB
Commit graph

439 commits

Author SHA1 Message Date
David Lord
edebd37044
rewrite docs, clean up typing for template decorators 2025-08-19 12:33:21 -07:00
kadai0308
daf1510a4b
use template_filter without parens 2025-08-19 12:33:21 -07:00
David Lord
e974128863
Merge branch 'stable' 2025-06-08 09:54:32 -07:00
David Lord
f04c5e6964
update dev dependencies 2025-06-08 09:52:11 -07:00
David Lord
52df9eed45
drop end of life python versions 2025-05-13 08:31:54 -07:00
David Lord
e7e5380776
Merge branch 'stable' 2025-05-13 08:10:30 -07:00
James Addison
fb54159861
secret key rotation: fix key list ordering 
The `itsdangerous` serializer interface[1] expects keys to be
provided with the oldest key at index zero and the active signing key
at the end of the list.

We document[2] that `SECRET_KEY_FALLBACKS` should be configured with
the most recent first (at index zero), so to achieve the expected
behaviour, those should be inserted in reverse-order at the head of
the list.

[1] - https://itsdangerous.palletsprojects.com/en/stable/serializer/#itsdangerous.serializer.Serializer

[2] - https://flask.palletsprojects.com/en/stable/config/#SECRET_KEY_FALLBACKS
 2025-05-12 18:30:27 -07:00
David Lord
0109e496f6
use uv 2025-05-11 17:58:53 -07:00
David Lord
11c45eeba3
update dev dependencies 2025-05-11 05:58:48 -07:00
David Lord
b78b5a210b
Merge branch 'stable' 2025-03-30 13:17:17 -07:00
CoolCat467
410e5ab7ed
Accept AsyncIterable for responses 2025-03-30 13:14:25 -07:00
David Lord
7d5d187458
better type checking during deprecation 2025-03-29 15:23:34 -07:00
George Waters
da60039486
Handle help arg by itself the same as no args 
When the 'flask' command is used with only the '--help' parameter, this
change will make sure to try and load the app before the help callback
is run. This was previously only being done when the 'flask' command was
used by itself. This meant when passing in '--help', any custom commands
were not getting shown in the help message. With this change, custom
commands will be included in the help message when running 'flask' on
the command line by itself or with the '--help' parameter.
 2025-03-29 15:13:23 -07:00
David Lord
165af0a090
update dev dependencies 2025-03-29 14:44:59 -07:00
David Lord
6b054f8f38
Merge branch 'stable' 2024-11-23 17:54:29 -08:00
kurtatter
54c3f87af9
fix type hint for cli_runner.invoke 2024-11-23 17:50:40 -08:00
David Lord
b394a994e6
update __version__ deprecation 2024-11-23 16:03:47 -08:00
David Lord
d22bfcd4cf
remove previously deprecated code 2024-11-23 15:41:36 -08:00
David Lord
22c48a738b
Merge remote-tracking branch 'origin/stable' 2024-11-13 08:43:48 -08:00
David Lord
f49dbfd3e4
use generic bases for session 2024-11-13 08:22:57 -08:00
David Lord
4f7156f2c3
configure and check trusted_hosts 2024-11-12 21:01:55 -08:00
David Lord
4995a775df
fix subdomain_matching=False behavior 2024-11-12 08:58:08 -08:00
David Lord
e13373f838
enable secret key rotation 2024-11-08 08:09:01 -08:00
David Lord
2c31603042
update env file precedence 2024-11-07 11:54:29 -08:00
David
6c44dd4bb8
update helpers.send_from_directory docstring (#5599) 
Update helpers.send_from_directory docstring to match werkzeug.utils.send_from_directory docstring on the :param directory: line.
 2024-11-06 09:47:57 -08:00
David Lord
98ae718976
fix mypy finding 2024-11-01 18:06:34 -07:00
David Lord
9efc1ebeeb
add SESSION_COOKIE_PARTITIONED config 
co-authored-by: Jose Cespedes <josecespedes@ibm.com>
 2024-11-01 16:24:15 -07:00
David Lord
c7a53888a1
add config and docs for limits 2024-11-01 13:17:53 -07:00
David Lord
1d610e44b3
drop support for Python 3.8 2024-10-31 12:30:53 -07:00
bre-17387639
9e831e915f
fix pyright type errors 2024-10-24 14:46:34 -07:00
David Lord
dffe303482
fix mypy findings 2024-10-18 13:04:35 -07:00
David Lord
bca18041b0
Merge branch '3.0.x' 2024-10-18 10:03:09 -07:00
David Lord
b337d21058
update dev dependencies 2024-10-18 10:02:35 -07:00
David Lord
4e6384da32
Merge branch '3.0.x' 2024-08-23 16:34:57 -07:00
David Lord
176fdfa000
fix mypy findings 2024-08-23 16:33:52 -07:00
David Lord
28d5a4d718
add encoding parameter to open_resource 
co-authored-by: mark <lopkophacked@protonmail.com>
 2024-07-10 19:14:06 -07:00
pgjones
d718ecf6d3 Provide a configuration option to control automatic option responses 
By default Flask will provide responses to OPTIONS requests that are
automatically generated. These responses list the valid methods in the
response headers. Whilst this is useful, it can be frowned on by
auditors hence an ability to disable it wholesale is useful.
 2024-06-07 19:04:18 +00:00
Heisenberg
c7da8c2aa3
Added python type annotation and return type. 2024-05-25 11:28:19 -07:00
David Lord
860a25c390
fix mypy finding 2024-05-06 10:23:10 -07:00
David Lord
eb1182a10e
fix mypy finding 2024-05-06 10:12:32 -07:00
David Lord
a363642a32
fix mypy finding with new werkzeug endpoint type 2024-05-06 10:09:58 -07:00
pgjones
5fdce4c331
Don't set the cli attribute in the sansio scaffold 
It is (currently) Flask specific and hence cannot be shared in the
sansio shared code.
 2024-04-07 12:13:02 -07:00
David Lord
db461112c7
access sha1 lazily 2024-04-07 11:41:13 -07:00
David Lord
87d5f5b9a9
update project files (#5457) 
* update pre-commit hook
* upgrade pip with venv
* update description and version
* show url in publish environment
* update versions
* update versions, separate typing job
* use dependabot grouped updates
  ignore upload/download-artifact until slsa updates
* use sphinx.ext.extlinks instead of sphinx-issues
* update dev dependencies
* update editorconfig
* update gitignore
* update .readthedocs.yaml
* license is txt, readme is md
* update pyproject.toml
  add typed classifier
  add pyright config
  simplify urls
* tox builds docs in place
* update min test py version
* add tox env to update all dev dependencies
* update issue and pr templates
* rename security docs page to not conflict with org policy file
* simplify matrix
 2024-04-07 10:24:40 -07:00
Tony Huang
1af8f95785
fix super call in list comprehension 2024-02-03 12:36:06 -08:00
Cody Scott
ecc057dd48
fix jinja_loader annotation 2024-02-03 12:14:38 -08:00
David Lord
08d3185e87
update pre-commit hooks 2024-01-16 10:12:10 -08:00
David Lord
6000e80acf
address mypy strict findings 2024-01-16 10:11:13 -08:00
David Lord
700fc7d928
untag without object_hook 2024-01-15 07:49:02 -08:00
lizard
1d5abfadd7
Fixing issue 5342: 'The double quote is missing in the string' 2023-12-13 15:05:03 -08:00