From a9175cdb88ad8d799fa349afe9b89da74e7a8825 Mon Sep 17 00:00:00 2001
From: David Butenhof <dbutenho@redhat.com>
Date: Tue, 25 Apr 2023 17:40:15 -0400
Subject: [PATCH] Lock flask and Werkzeug below 2.3.0 for now (#3400)

A Flask package update today breaks all Pbench authentication; it's not
clear why, and until we can figure it out, let's lock Flask below 2.3
to avoid the issue. This also locks Werkzeug to match because that was
causing issues in testing.
---
 server/requirements.txt | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/server/requirements.txt b/server/requirements.txt
index 02dd73af15..38e382133a 100644
--- a/server/requirements.txt
+++ b/server/requirements.txt
@@ -3,7 +3,7 @@ aniso8601>=9.0.1
 Bcrypt-Flask
 click>=8.0
 elasticsearch>=7.13.1, <7.14
-flask
+flask<2.3.0
 flask_cors
 Flask-HTTPAuth>=4.0.0
 flask-jwt-extended
@@ -20,3 +20,4 @@ requests
 sdnotify
 sqlalchemy>=1.4.23
 sqlalchemy_utils>=0.37.6
+Werkzeug<2.3.0