diff --git a/.github/dependabot.yml b/.github/dependabot.yml deleted file mode 100644 index 1f47f125..00000000 --- a/.github/dependabot.yml +++ /dev/null @@ -1,18 +0,0 @@ -version: 2 -updates: - - package-ecosystem: github-actions - directory: / - schedule: - interval: monthly - groups: - github-actions: - patterns: - - '*' - - package-ecosystem: pip - directory: /requirements/ - schedule: - interval: monthly - groups: - python-requirements: - patterns: - - '*' diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index f93f2d26..b1b29ec1 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -23,7 +23,7 @@ jobs: - name: generate hash id: hash run: cd dist && echo "hash=$(sha256sum * | base64 -w0)" >> $GITHUB_OUTPUT - - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: path: ./dist provenance: diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5115439c..5bee1ca4 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -2,7 +2,7 @@ ci: autoupdate_schedule: monthly repos: - repo: https://github.com/astral-sh/ruff-pre-commit - rev: v0.5.6 + rev: v0.6.2 hooks: - id: ruff - id: ruff-format diff --git a/docs/config.rst b/docs/config.rst index 12e62bb5..f9e71774 100644 --- a/docs/config.rst +++ b/docs/config.rst @@ -142,6 +142,12 @@ The following configuration values are used internally by Flask: Default: ``None`` + .. warning:: + If this is changed after the browser created a cookie is created with + one setting, it may result in another being created. Browsers may send + send both in an undefined order. In that case, you may want to change + :data:`SESSION_COOKIE_NAME` as well or otherwise invalidate old sessions. + .. versionchanged:: 2.3 Not set by default, does not fall back to ``SERVER_NAME``. diff --git a/docs/deploying/waitress.rst b/docs/deploying/waitress.rst index aeafb9f7..7bdd695b 100644 --- a/docs/deploying/waitress.rst +++ b/docs/deploying/waitress.rst @@ -68,7 +68,7 @@ reverse proxy such as :doc:`nginx` or :doc:`apache-httpd` should be used in front of Waitress. You can bind to all external IPs on a non-privileged port by not -specifying the ``--host`` option. Don't do this when using a revers +specifying the ``--host`` option. Don't do this when using a reverse proxy setup, otherwise it will be possible to bypass the proxy. ``0.0.0.0`` is not a valid address to navigate to, you'd use a specific diff --git a/docs/quickstart.rst b/docs/quickstart.rst index 0d7ad3f6..f763bb1e 100644 --- a/docs/quickstart.rst +++ b/docs/quickstart.rst @@ -375,7 +375,7 @@ Here's a simple example of how to render a template:: @app.route('/hello/') @app.route('/hello/') def hello(name=None): - return render_template('hello.html', name=name) + return render_template('hello.html', person=name) Flask will look for templates in the :file:`templates` folder. So if your application is a module, this folder is next to that module, if it's a @@ -404,8 +404,8 @@ Here is an example template: Hello from Flask - {% if name %} -

Hello {{ name }}!

+ {% if person %} +

Hello {{ person }}!

{% else %}

Hello, World!

{% endif %} @@ -419,7 +419,7 @@ know how that works, see :doc:`patterns/templateinheritance`. Basically template inheritance makes it possible to keep certain elements on each page (like header, navigation and footer). -Automatic escaping is enabled, so if ``name`` contains HTML it will be escaped +Automatic escaping is enabled, so if ``person`` contains HTML it will be escaped automatically. If you can trust a variable and you know that it will be safe HTML (for example because it came from a module that converts wiki markup to HTML) you can mark it as safe by using the diff --git a/pyproject.toml b/pyproject.toml index 64d51c32..cddf28cd 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -113,8 +113,12 @@ select = [ "UP", # pyupgrade "W", # pycodestyle warning ] -ignore-init-module-imports = true [tool.ruff.lint.isort] force-single-line = true order-by-type = false + +[tool.gha-update] +tag-only = [ + "slsa-framework/slsa-github-generator", +] diff --git a/requirements/build.txt b/requirements/build.txt index 9ecc4895..4b289ca7 100644 --- a/requirements/build.txt +++ b/requirements/build.txt @@ -6,7 +6,7 @@ # build==1.2.1 # via -r build.in -packaging==24.0 +packaging==24.1 # via build -pyproject-hooks==1.0.0 +pyproject-hooks==1.1.0 # via build diff --git a/requirements/dev.txt b/requirements/dev.txt index dc509596..cb7a407c 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -4,7 +4,7 @@ # # pip-compile dev.in # -alabaster==0.7.16 +alabaster==1.0.0 # via # -r docs.txt # sphinx @@ -12,17 +12,17 @@ asgiref==3.8.1 # via # -r tests.txt # -r typing.txt -babel==2.14.0 +babel==2.16.0 # via # -r docs.txt # sphinx -cachetools==5.3.3 +cachetools==5.5.0 # via tox -certifi==2024.2.2 +certifi==2024.7.4 # via # -r docs.txt # requests -cffi==1.16.0 +cffi==1.17.0 # via # -r typing.txt # cryptography @@ -36,22 +36,22 @@ charset-normalizer==3.3.2 # requests colorama==0.4.6 # via tox -cryptography==42.0.8 +cryptography==43.0.0 # via -r typing.txt distlib==0.3.8 # via virtualenv -docutils==0.20.1 +docutils==0.21.2 # via # -r docs.txt # sphinx # sphinx-tabs -filelock==3.13.3 +filelock==3.15.4 # via # tox # virtualenv -identify==2.5.35 +identify==2.6.0 # via pre-commit -idna==3.6 +idna==3.8 # via # -r docs.txt # requests @@ -64,7 +64,7 @@ iniconfig==2.0.0 # -r tests.txt # -r typing.txt # pytest -jinja2==3.1.3 +jinja2==3.1.4 # via # -r docs.txt # sphinx @@ -72,18 +72,18 @@ markupsafe==2.1.5 # via # -r docs.txt # jinja2 -mypy==1.10.1 +mypy==1.11.1 # via -r typing.txt mypy-extensions==1.0.0 # via # -r typing.txt # mypy -nodeenv==1.8.0 +nodeenv==1.9.1 # via # -r typing.txt # pre-commit # pyright -packaging==24.0 +packaging==24.1 # via # -r docs.txt # -r tests.txt @@ -95,7 +95,7 @@ packaging==24.0 # tox pallets-sphinx-themes==2.1.3 # via -r docs.txt -platformdirs==4.2.0 +platformdirs==4.2.2 # via # tox # virtualenv @@ -105,22 +105,22 @@ pluggy==1.5.0 # -r typing.txt # pytest # tox -pre-commit==3.7.1 +pre-commit==3.8.0 # via -r dev.in pycparser==2.22 # via # -r typing.txt # cffi -pygments==2.17.2 +pygments==2.18.0 # via # -r docs.txt # sphinx # sphinx-tabs -pyproject-api==1.6.1 +pyproject-api==1.7.1 # via tox -pyright==1.1.369 +pyright==1.1.377 # via -r typing.txt -pytest==8.2.2 +pytest==8.3.2 # via # -r tests.txt # -r typing.txt @@ -128,9 +128,9 @@ python-dotenv==1.0.1 # via # -r tests.txt # -r typing.txt -pyyaml==6.0.1 +pyyaml==6.0.2 # via pre-commit -requests==2.31.0 +requests==2.32.3 # via # -r docs.txt # sphinx @@ -138,7 +138,7 @@ snowballstemmer==2.2.0 # via # -r docs.txt # sphinx -sphinx==7.3.7 +sphinx==8.0.2 # via # -r docs.txt # pallets-sphinx-themes @@ -146,15 +146,15 @@ sphinx==7.3.7 # sphinxcontrib-log-cabinet sphinx-tabs==3.4.5 # via -r docs.txt -sphinxcontrib-applehelp==1.0.8 +sphinxcontrib-applehelp==2.0.0 # via # -r docs.txt # sphinx -sphinxcontrib-devhelp==1.0.6 +sphinxcontrib-devhelp==2.0.0 # via # -r docs.txt # sphinx -sphinxcontrib-htmlhelp==2.0.5 +sphinxcontrib-htmlhelp==2.1.0 # via # -r docs.txt # sphinx @@ -164,32 +164,29 @@ sphinxcontrib-jsmath==1.0.1 # sphinx sphinxcontrib-log-cabinet==1.0.1 # via -r docs.txt -sphinxcontrib-qthelp==1.0.7 +sphinxcontrib-qthelp==2.0.0 # via # -r docs.txt # sphinx -sphinxcontrib-serializinghtml==1.1.10 +sphinxcontrib-serializinghtml==2.0.0 # via # -r docs.txt # sphinx -tox==4.15.1 +tox==4.18.0 # via -r dev.in types-contextvars==2.4.7.3 # via -r typing.txt types-dataclasses==0.6.6 # via -r typing.txt -typing-extensions==4.11.0 +typing-extensions==4.12.2 # via # -r typing.txt # mypy -urllib3==2.2.1 +urllib3==2.2.2 # via # -r docs.txt # requests -virtualenv==20.25.1 +virtualenv==20.26.3 # via # pre-commit # tox - -# The following packages are considered to be unsafe in a requirements file: -# setuptools diff --git a/requirements/docs.txt b/requirements/docs.txt index fe7501f1..651e9b2d 100644 --- a/requirements/docs.txt +++ b/requirements/docs.txt @@ -4,41 +4,41 @@ # # pip-compile docs.in # -alabaster==0.7.16 +alabaster==1.0.0 # via sphinx -babel==2.14.0 +babel==2.16.0 # via sphinx -certifi==2024.2.2 +certifi==2024.7.4 # via requests charset-normalizer==3.3.2 # via requests -docutils==0.20.1 +docutils==0.21.2 # via # sphinx # sphinx-tabs -idna==3.6 +idna==3.8 # via requests imagesize==1.4.1 # via sphinx -jinja2==3.1.3 +jinja2==3.1.4 # via sphinx markupsafe==2.1.5 # via jinja2 -packaging==24.0 +packaging==24.1 # via # pallets-sphinx-themes # sphinx pallets-sphinx-themes==2.1.3 # via -r docs.in -pygments==2.17.2 +pygments==2.18.0 # via # sphinx # sphinx-tabs -requests==2.31.0 +requests==2.32.3 # via sphinx snowballstemmer==2.2.0 # via sphinx -sphinx==7.3.7 +sphinx==8.0.2 # via # -r docs.in # pallets-sphinx-themes @@ -46,19 +46,19 @@ sphinx==7.3.7 # sphinxcontrib-log-cabinet sphinx-tabs==3.4.5 # via -r docs.in -sphinxcontrib-applehelp==1.0.8 +sphinxcontrib-applehelp==2.0.0 # via sphinx -sphinxcontrib-devhelp==1.0.6 +sphinxcontrib-devhelp==2.0.0 # via sphinx -sphinxcontrib-htmlhelp==2.0.5 +sphinxcontrib-htmlhelp==2.1.0 # via sphinx sphinxcontrib-jsmath==1.0.1 # via sphinx sphinxcontrib-log-cabinet==1.0.1 # via -r docs.in -sphinxcontrib-qthelp==1.0.7 +sphinxcontrib-qthelp==2.0.0 # via sphinx -sphinxcontrib-serializinghtml==1.1.10 +sphinxcontrib-serializinghtml==2.0.0 # via sphinx -urllib3==2.2.1 +urllib3==2.2.2 # via requests diff --git a/requirements/tests.txt b/requirements/tests.txt index b2d01531..3a24fc51 100644 --- a/requirements/tests.txt +++ b/requirements/tests.txt @@ -8,11 +8,11 @@ asgiref==3.8.1 # via -r tests.in iniconfig==2.0.0 # via pytest -packaging==24.0 +packaging==24.1 # via pytest pluggy==1.5.0 # via pytest -pytest==8.2.2 +pytest==8.3.2 # via -r tests.in python-dotenv==1.0.1 # via -r tests.in diff --git a/requirements/typing.txt b/requirements/typing.txt index cd08335f..99753c70 100644 --- a/requirements/typing.txt +++ b/requirements/typing.txt @@ -6,27 +6,27 @@ # asgiref==3.8.1 # via -r typing.in -cffi==1.16.0 +cffi==1.17.0 # via cryptography -cryptography==42.0.8 +cryptography==43.0.0 # via -r typing.in iniconfig==2.0.0 # via pytest -mypy==1.10.1 +mypy==1.11.1 # via -r typing.in mypy-extensions==1.0.0 # via mypy -nodeenv==1.8.0 +nodeenv==1.9.1 # via pyright -packaging==24.0 +packaging==24.1 # via pytest pluggy==1.5.0 # via pytest pycparser==2.22 # via cffi -pyright==1.1.369 +pyright==1.1.377 # via -r typing.in -pytest==8.2.2 +pytest==8.3.2 # via -r typing.in python-dotenv==1.0.1 # via -r typing.in @@ -34,8 +34,5 @@ types-contextvars==2.4.7.3 # via -r typing.in types-dataclasses==0.6.6 # via -r typing.in -typing-extensions==4.11.0 +typing-extensions==4.12.2 # via mypy - -# The following packages are considered to be unsafe in a requirements file: -# setuptools diff --git a/src/flask/helpers.py b/src/flask/helpers.py index 00abe046..2b805847 100644 --- a/src/flask/helpers.py +++ b/src/flask/helpers.py @@ -47,9 +47,21 @@ def get_load_dotenv(default: bool = True) -> bool: return val.lower() in ("0", "false", "no") +@t.overload +def stream_with_context( + generator_or_function: t.Iterator[t.AnyStr], +) -> t.Iterator[t.AnyStr]: ... + + +@t.overload +def stream_with_context( + generator_or_function: t.Callable[..., t.Iterator[t.AnyStr]], +) -> t.Callable[[t.Iterator[t.AnyStr]], t.Iterator[t.AnyStr]]: ... + + def stream_with_context( generator_or_function: t.Iterator[t.AnyStr] | t.Callable[..., t.Iterator[t.AnyStr]], -) -> t.Iterator[t.AnyStr]: +) -> t.Iterator[t.AnyStr] | t.Callable[[t.Iterator[t.AnyStr]], t.Iterator[t.AnyStr]]: """Request contexts disappear when the response is started on the server. This is done for efficiency reasons and to make it less likely to encounter memory leaks with badly written WSGI middlewares. The downside is that if diff --git a/src/flask/json/provider.py b/src/flask/json/provider.py index f9b2e8ff..b086e668 100644 --- a/src/flask/json/provider.py +++ b/src/flask/json/provider.py @@ -113,7 +113,7 @@ def _default(o: t.Any) -> t.Any: return str(o) if dataclasses and dataclasses.is_dataclass(o): - return dataclasses.asdict(o) + return dataclasses.asdict(o) # type: ignore[call-overload] if hasattr(o, "__html__"): return str(o.__html__()) diff --git a/src/flask/sansio/app.py b/src/flask/sansio/app.py index 4c93c249..c091b5cb 100644 --- a/src/flask/sansio/app.py +++ b/src/flask/sansio/app.py @@ -291,7 +291,7 @@ class App(Scaffold): instance_path: str | None = None, instance_relative_config: bool = False, root_path: str | None = None, - ): + ) -> None: super().__init__( import_name=import_name, static_folder=static_folder, diff --git a/tox.ini b/tox.ini index 60ebdb08..10d4faf5 100644 --- a/tox.ini +++ b/tox.ini @@ -34,16 +34,26 @@ commands = mypy deps = -r requirements/docs.txt commands = sphinx-build -E -W -b dirhtml docs docs/_build/dirhtml +[testenv:update-actions] +labels = update +deps = gha-update +commands = gha-update + +[testenv:update-pre_commit] +labels = update +deps = pre-commit +skip_install = true +commands = pre-commit autoupdate -j4 + [testenv:update-requirements] -deps = - pip-tools - pre-commit +base_python = 3.12 +labels = update +deps = pip-tools skip_install = true change_dir = requirements commands = - pre-commit autoupdate -j4 - pip-compile -U build.in - pip-compile -U docs.in - pip-compile -U tests.in - pip-compile -U typing.in - pip-compile -U dev.in + pip-compile build.in -q {posargs:-U} + pip-compile docs.in -q {posargs:-U} + pip-compile tests.in -q {posargs:-U} + pip-compile typing.in -q {posargs:-U} + pip-compile dev.in -q {posargs:-U}