Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update dependency flask to v2 #9

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

mend-for-github-com[bot]
Copy link

@mend-for-github-com mend-for-github-com bot commented May 3, 2023

This PR contains the following updates:

Package Update Change
flask (changelog) major ==1.0.2 -> ==2.2.5

By merging this PR, the below vulnerabilities will be automatically resolved:

Severity CVSS Score CVE
High High 7.5 CVE-2023-30861

Release Notes

pallets/flask (flask)

v2.2.5

Compare Source

Released 2023-05-02

  • Update for compatibility with Werkzeug 2.3.3.
  • Set Vary: Cookie header when the session is accessed, modified, or refreshed.

v2.2.4

Compare Source

Released 2023-04-25

  • Update for compatibility with Werkzeug 2.3.

v2.2.3

Compare Source

Released 2023-02-15

  • Autoescape is enabled by default for .svg template files. :issue:4831
  • Fix the type of template_folder to accept pathlib.Path. :issue:4892
  • Add --debug option to the flask run command. :issue:4777

v2.2.2

Compare Source

Released 2022-08-08

  • Update Werkzeug dependency to >= 2.2.2. This includes fixes related
    to the new faster router, header parsing, and the development
    server. :pr:4754
  • Fix the default value for app.env to be "production". This
    attribute remains deprecated. :issue:4740

v2.2.1

Compare Source

Released 2022-08-03

  • Setting or accessing json_encoder or json_decoder raises a
    deprecation warning. :issue:4732

v2.2.0

Compare Source

Released 2022-08-01

  • Remove previously deprecated code. :pr:4667

    • Old names for some send_file parameters have been removed.
      download_name replaces attachment_filename, max_age
      replaces cache_timeout, and etag replaces add_etags.
      Additionally, path replaces filename in
      send_from_directory.
    • The RequestContext.g property returning AppContext.g is
      removed.
  • Update Werkzeug dependency to >= 2.2.

  • The app and request contexts are managed using Python context vars
    directly rather than Werkzeug's LocalStack. This should result
    in better performance and memory use. :pr:4682

    • Extension maintainers, be aware that _app_ctx_stack.top
      and _request_ctx_stack.top are deprecated. Store data on
      g instead using a unique prefix, like
      g._extension_name_attr.
  • The FLASK_ENV environment variable and app.env attribute are
    deprecated, removing the distinction between development and debug
    mode. Debug mode should be controlled directly using the --debug
    option or app.run(debug=True). :issue:4714

  • Some attributes that proxied config keys on app are deprecated:
    session_cookie_name, send_file_max_age_default,
    use_x_sendfile, propagate_exceptions, and
    templates_auto_reload. Use the relevant config keys instead.
    :issue:4716

  • Add new customization points to the Flask app object for many
    previously global behaviors.

    • flask.url_for will call app.url_for. :issue:4568
    • flask.abort will call app.aborter.
      Flask.aborter_class and Flask.make_aborter can be used
      to customize this aborter. :issue:4567
    • flask.redirect will call app.redirect. :issue:4569
    • flask.json is an instance of JSONProvider. A different
      provider can be set to use a different JSON library.
      flask.jsonify will call app.json.response, other
      functions in flask.json will call corresponding functions in
      app.json. :pr:4692
  • JSON configuration is moved to attributes on the default
    app.json provider. JSON_AS_ASCII, JSON_SORT_KEYS,
    JSONIFY_MIMETYPE, and JSONIFY_PRETTYPRINT_REGULAR are
    deprecated. :pr:4692

  • Setting custom json_encoder and json_decoder classes on the
    app or a blueprint, and the corresponding json.JSONEncoder and
    JSONDecoder classes, are deprecated. JSON behavior can now be
    overridden using the app.json provider interface. :pr:4692

  • json.htmlsafe_dumps and json.htmlsafe_dump are deprecated,
    the function is built-in to Jinja now. :pr:4692

  • Refactor register_error_handler to consolidate error checking.
    Rewrite some error messages to be more consistent. :issue:4559

  • Use Blueprint decorators and functions intended for setup after
    registering the blueprint will show a warning. In the next version,
    this will become an error just like the application setup methods.
    :issue:4571

  • before_first_request is deprecated. Run setup code when creating
    the application instead. :issue:4605

  • Added the View.init_every_request class attribute. If a view
    subclass sets this to False, the view will not create a new
    instance on every request. :issue:2520.

  • A flask.cli.FlaskGroup Click group can be nested as a
    sub-command in a custom CLI. :issue:3263

  • Add --app and --debug options to the flask CLI, instead
    of requiring that they are set through environment variables.
    :issue:2836

  • Add --env-file option to the flask CLI. This allows
    specifying a dotenv file to load in addition to .env and
    .flaskenv. :issue:3108

  • It is no longer required to decorate custom CLI commands on
    app.cli or blueprint.cli with @with_appcontext, an app
    context will already be active at that point. :issue:2410

  • SessionInterface.get_expiration_time uses a timezone-aware
    value. :pr:4645

  • View functions can return generators directly instead of wrapping
    them in a Response. :pr:4629

  • Add stream_template and stream_template_string functions to
    render a template as a stream of pieces. :pr:4629

  • A new implementation of context preservation during debugging and
    testing. :pr:4666

    • request, g, and other context-locals point to the
      correct data when running code in the interactive debugger
      console. :issue:2836
    • Teardown functions are always run at the end of the request,
      even if the context is preserved. They are also run after the
      preserved context is popped.
    • stream_with_context preserves context separately from a
      with client block. It will be cleaned up when
      response.get_data() or response.close() is called.
  • Allow returning a list from a view function, to convert it to a
    JSON response like a dict is. :issue:4672

  • When type checking, allow TypedDict to be returned from view
    functions. :pr:4695

  • Remove the --eager-loading/--lazy-loading options from the
    flask run command. The app is always eager loaded the first
    time, then lazily loaded in the reloader. The reloader always prints
    errors immediately but continues serving. Remove the internal
    DispatchingApp middleware used by the previous implementation.
    :issue:4715

v2.1.3

Compare Source

Released 2022-07-13

  • Inline some optional imports that are only used for certain CLI
    commands. :pr:4606
  • Relax type annotation for after_request functions. :issue:4600
  • instance_path for namespace packages uses the path closest to
    the imported submodule. :issue:4610
  • Clearer error message when render_template and
    render_template_string are used outside an application context.
    :pr:4693

v2.1.2

Compare Source

Released 2022-04-28

  • Fix type annotation for json.loads, it accepts str or bytes.
    :issue:4519
  • The --cert and --key options on flask run can be given
    in either order. :issue:4459

v2.1.1

Compare Source

Released on 2022-03-30

  • Set the minimum required version of importlib_metadata to 3.6.0,
    which is required on Python < 3.10. :issue:4502

v2.1.0

Compare Source

Released 2022-03-28

  • Drop support for Python 3.6. :pr:4335

  • Update Click dependency to >= 8.0. :pr:4008

  • Remove previously deprecated code. :pr:4337

    • The CLI does not pass script_info to app factory functions.
    • config.from_json is replaced by
      config.from_file(name, load=json.load).
    • json functions no longer take an encoding parameter.
    • safe_join is removed, use werkzeug.utils.safe_join
      instead.
    • total_seconds is removed, use timedelta.total_seconds
      instead.
    • The same blueprint cannot be registered with the same name. Use
      name= when registering to specify a unique name.
    • The test client's as_tuple parameter is removed. Use
      response.request.environ instead. :pr:4417
  • Some parameters in send_file and send_from_directory were
    renamed in 2.0. The deprecation period for the old names is extended
    to 2.2. Be sure to test with deprecation warnings visible.

    • attachment_filename is renamed to download_name.
    • cache_timeout is renamed to max_age.
    • add_etags is renamed to etag.
    • filename is renamed to path.
  • The RequestContext.g property is deprecated. Use g directly
    or AppContext.g instead. :issue:3898

  • copy_current_request_context can decorate async functions.
    :pr:4303

  • The CLI uses importlib.metadata instead of pkg_resources to
    load command entry points. :issue:4419

  • Overriding FlaskClient.open will not cause an error on redirect.
    :issue:3396

  • Add an --exclude-patterns option to the flask run CLI
    command to specify patterns that will be ignored by the reloader.
    :issue:4188

  • When using lazy loading (the default with the debugger), the Click
    context from the flask run command remains available in the
    loader thread. :issue:4460

  • Deleting the session cookie uses the httponly flag.
    :issue:4485

  • Relax typing for errorhandler to allow the user to use more
    precise types and decorate the same function multiple times.
    :issue:4095, 4295, 4297

  • Fix typing for __exit__ methods for better compatibility with
    ExitStack. :issue:4474

  • From Werkzeug, for redirect responses the Location header URL
    will remain relative, and exclude the scheme and domain, by default.
    :pr:4496

  • Add Config.from_prefixed_env() to load config values from
    environment variables that start with FLASK_ or another prefix.
    This parses values as JSON by default, and allows setting keys in
    nested dicts. :pr:4479

v2.0.3

Compare Source

Released 2022-02-14

  • The test client's as_tuple parameter is deprecated and will be
    removed in Werkzeug 2.1. It is now also deprecated in Flask, to be
    removed in Flask 2.1, while remaining compatible with both in
    2.0.x. Use response.request.environ instead. :pr:4341
  • Fix type annotation for errorhandler decorator. :issue:4295
  • Revert a change to the CLI that caused it to hide ImportError
    tracebacks when importing the application. :issue:4307
  • app.json_encoder and json_decoder are only passed to
    dumps and loads if they have custom behavior. This improves
    performance, mainly on PyPy. :issue:4349
  • Clearer error message when after_this_request is used outside a
    request context. :issue:4333

v2.0.2

Compare Source

Released 2021-10-04

  • Fix type annotation for teardown_* methods. :issue:4093
  • Fix type annotation for before_request and before_app_request
    decorators. :issue:4104
  • Fixed the issue where typing requires template global
    decorators to accept functions with no arguments. :issue:4098
  • Support View and MethodView instances with async handlers. :issue:4112
  • Enhance typing of app.errorhandler decorator. :issue:4095
  • Fix registering a blueprint twice with differing names. :issue:4124
  • Fix the type of static_folder to accept pathlib.Path.
    :issue:4150
  • jsonify handles decimal.Decimal by encoding to str.
    :issue:4157
  • Correctly handle raising deferred errors in CLI lazy loading.
    :issue:4096
  • The CLI loader handles **kwargs in a create_app function.
    :issue:4170
  • Fix the order of before_request and other callbacks that trigger
    before the view returns. They are called from the app down to the
    closest nested blueprint. :issue:4229

v2.0.1

Compare Source

Released 2021-05-21

  • Re-add the filename parameter in send_from_directory. The
    filename parameter has been renamed to path, the old name
    is deprecated. :pr:4019
  • Mark top-level names as exported so type checking understands
    imports in user projects. :issue:4024
  • Fix type annotation for g and inform mypy that it is a namespace
    object that has arbitrary attributes. :issue:4020
  • Fix some types that weren't available in Python 3.6.0. :issue:4040
  • Improve typing for send_file, send_from_directory, and
    get_send_file_max_age. :issue:4044, :pr:4026
  • Show an error when a blueprint name contains a dot. The . has
    special meaning, it is used to separate (nested) blueprint names and
    the endpoint name. :issue:4041
  • Combine URL prefixes when nesting blueprints that were created with
    a url_prefix value. :issue:4037
  • Revert a change to the order that URL matching was done. The
    URL is again matched after the session is loaded, so the session is
    available in custom URL converters. :issue:4053
  • Re-add deprecated Config.from_json, which was accidentally
    removed early. :issue:4078
  • Improve typing for some functions using Callable in their type
    signatures, focusing on decorator factories. :issue:4060
  • Nested blueprints are registered with their dotted name. This allows
    different blueprints with the same name to be nested at different
    locations. :issue:4069
  • register_blueprint takes a name option to change the
    (pre-dotted) name the blueprint is registered with. This allows the
    same blueprint to be registered multiple times with unique names for
    url_for. Registering the same blueprint with the same name
    multiple times is deprecated. :issue:1091
  • Improve typing for stream_with_context. :issue:4052

v2.0.0

Compare Source

Released 2021-05-11

  • Drop support for Python 2 and 3.5.
  • Bump minimum versions of other Pallets projects: Werkzeug >= 2,
    Jinja2 >= 3, MarkupSafe >= 2, ItsDangerous >= 2, Click >= 8. Be sure
    to check the change logs for each project. For better compatibility
    with other applications (e.g. Celery) that still require Click 7,
    there is no hard dependency on Click 8 yet, but using Click 7 will
    trigger a DeprecationWarning and Flask 2.1 will depend on Click 8.
  • JSON support no longer uses simplejson. To use another JSON module,
    override app.json_encoder and json_decoder. :issue:3555
  • The encoding option to JSON functions is deprecated. :pr:3562
  • Passing script_info to app factory functions is deprecated. This
    was not portable outside the flask command. Use
    click.get_current_context().obj if it's needed. :issue:3552
  • The CLI shows better error messages when the app failed to load
    when looking up commands. :issue:2741
  • Add SessionInterface.get_cookie_name to allow setting the
    session cookie name dynamically. :pr:3369
  • Add Config.from_file to load config using arbitrary file
    loaders, such as toml.load or json.load.
    Config.from_json is deprecated in favor of this. :pr:3398
  • The flask run command will only defer errors on reload. Errors
    present during the initial call will cause the server to exit with
    the traceback immediately. :issue:3431
  • send_file raises a ValueError when passed an io object
    in text mode. Previously, it would respond with 200 OK and an empty
    file. :issue:3358
  • When using ad-hoc certificates, check for the cryptography library
    instead of PyOpenSSL. :pr:3492
  • When specifying a factory function with FLASK_APP, keyword
    argument can be passed. :issue:3553
  • When loading a .env or .flaskenv file, the current working
    directory is no longer changed to the location of the file.
    :pr:3560
  • When returning a (response, headers) tuple from a view, the
    headers replace rather than extend existing headers on the response.
    For example, this allows setting the Content-Type for
    jsonify(). Use response.headers.extend() if extending is
    desired. :issue:3628
  • The Scaffold class provides a common API for the Flask and
    Blueprint classes. Blueprint information is stored in
    attributes just like Flask, rather than opaque lambda functions.
    This is intended to improve consistency and maintainability.
    :issue:3215
  • Include samesite and secure options when removing the
    session cookie. :pr:3726
  • Support passing a pathlib.Path to static_folder. :pr:3579
  • send_file and send_from_directory are wrappers around the
    implementations in werkzeug.utils. :pr:3828
  • Some send_file parameters have been renamed, the old names are
    deprecated. attachment_filename is renamed to download_name.
    cache_timeout is renamed to max_age. add_etags is
    renamed to etag. :pr:3828, 3883
  • send_file passes download_name even if
    as_attachment=False by using Content-Disposition: inline.
    :pr:3828
  • send_file sets conditional=True and max_age=None by
    default. Cache-Control is set to no-cache if max_age is
    not set, otherwise public. This tells browsers to validate
    conditional requests instead of using a timed cache. :pr:3828
  • helpers.safe_join is deprecated. Use
    werkzeug.utils.safe_join instead. :pr:3828
  • The request context does route matching before opening the session.
    This could allow a session interface to change behavior based on
    request.endpoint. :issue:3776
  • Use Jinja's implementation of the |tojson filter. :issue:3881
  • Add route decorators for common HTTP methods. For example,
    @app.post("/login") is a shortcut for
    @app.route("/login", methods=["POST"]). :pr:3907
  • Support async views, error handlers, before and after request, and
    teardown functions. :pr:3412
  • Support nesting blueprints. :issue:593, 1548, :pr:3923
  • Set the default encoding to "UTF-8" when loading .env and
    .flaskenv files to allow to use non-ASCII characters. :issue:3931
  • flask shell sets up tab and history completion like the default
    python shell if readline is installed. :issue:3941
  • helpers.total_seconds() is deprecated. Use
    timedelta.total_seconds() instead. :pr:3962
  • Add type hinting. :pr:3973.

v1.1.4

Compare Source

Released 2021-05-13

  • Update static_folder to use _compat.fspath instead of
    os.fspath to continue supporting Python < 3.6 :issue:4050

v1.1.3

Compare Source

Released 2021-05-13

  • Set maximum versions of Werkzeug, Jinja, Click, and ItsDangerous.
    :issue:4043
  • Re-add support for passing a pathlib.Path for static_folder.
    :pr:3579

v1.1.2

Compare Source

Released 2020-04-03

  • Work around an issue when running the flask command with an
    external debugger on Windows. :issue:3297
  • The static route will not catch all URLs if the Flask
    static_folder argument ends with a slash. :issue:3452

v1.1.1

Compare Source

Released 2019-07-08

  • The flask.json_available flag was added back for compatibility
    with some extensions. It will raise a deprecation warning when used,
    and will be removed in version 2.0.0. :issue:3288

v1.1.0

Compare Source

Released 2019-07-04

  • Bump minimum Werkzeug version to >= 0.15.

  • Drop support for Python 3.4.

  • Error handlers for InternalServerError or 500 will always be
    passed an instance of InternalServerError. If they are invoked
    due to an unhandled exception, that original exception is now
    available as e.original_exception rather than being passed
    directly to the handler. The same is true if the handler is for the
    base HTTPException. This makes error handler behavior more
    consistent. :pr:3266

    • Flask.finalize_request is called for all unhandled
      exceptions even if there is no 500 error handler.
  • Flask.logger takes the same name as Flask.name (the value
    passed as Flask(import_name). This reverts 1.0's behavior of
    always logging to "flask.app", in order to support multiple apps
    in the same process. A warning will be shown if old configuration is
    detected that needs to be moved. :issue:2866

  • RequestContext.copy includes the current session object in the
    request context copy. This prevents session pointing to an
    out-of-date object. :issue:2935

  • Using built-in RequestContext, unprintable Unicode characters in
    Host header will result in a HTTP 400 response and not HTTP 500 as
    previously. :pr:2994

  • send_file supports PathLike objects as described in
    :pep:519, to support pathlib in Python 3. :pr:3059

  • send_file supports BytesIO partial content.
    :issue:2957

  • open_resource accepts the "rt" file mode. This still does the
    same thing as "r". :issue:3163

  • The MethodView.methods attribute set in a base class is used by
    subclasses. :issue:3138

  • Flask.jinja_options is a dict instead of an
    ImmutableDict to allow easier configuration. Changes must still
    be made before creating the environment. :pr:3190

  • Flask's JSONMixin for the request and response wrappers was
    moved into Werkzeug. Use Werkzeug's version with Flask-specific
    support. This bumps the Werkzeug dependency to >= 0.15.
    :issue:3125

  • The flask command entry point is simplified to take advantage
    of Werkzeug 0.15's better reloader support. This bumps the Werkzeug
    dependency to >= 0.15. :issue:3022

  • Support static_url_path that ends with a forward slash.
    :issue:3134

  • Support empty static_folder without requiring setting an empty
    static_url_path as well. :pr:3124

  • jsonify supports dataclass objects. :pr:3195

  • Allow customizing the Flask.url_map_class used for routing.
    :pr:3069

  • The development server port can be set to 0, which tells the OS to
    pick an available port. :issue:2926

  • The return value from cli.load_dotenv is more consistent with
    the documentation. It will return False if python-dotenv is not
    installed, or if the given path isn't a file. :issue:2937

  • Signaling support has a stub for the connect_via method when
    the Blinker library is not installed. :pr:3208

  • Add an --extra-files option to the flask run CLI command to
    specify extra files that will trigger the reloader on change.
    :issue:2897

  • Allow returning a dictionary from a view function. Similar to how
    returning a string will produce a text/html response, returning
    a dict will call jsonify to produce a application/json
    response. :pr:3111

  • Blueprints have a cli Click group like app.cli. CLI commands
    registered with a blueprint will be available as a group under the
    flask command. :issue:1357.

  • When using the test client as a context manager (with client:),
    all preserved request contexts are popped when the block exits,
    ensuring nested contexts are cleaned up correctly. :pr:3157

  • Show a better error message when the view return type is not
    supported. :issue:3214

  • flask.testing.make_test_environ_builder() has been deprecated in
    favour of a new class flask.testing.EnvironBuilder. :pr:3232

  • The flask run command no longer fails if Python is not built
    with SSL support. Using the --cert option will show an
    appropriate error message. :issue:3211

  • URL matching now occurs after the request context is pushed, rather
    than when it's created. This allows custom URL converters to access
    the app and request contexts, such as to query a database for an id.
    :issue:3088

v1.0.4

Compare Source

Released 2019-07-04

  • The key information for BadRequestKeyError is no longer cleared
    outside debug mode, so error handlers can still access it. This
    requires upgrading to Werkzeug 0.15.5. :issue:3249
  • send_file url quotes the ":" and "/" characters for more
    compatible UTF-8 filename support in some browsers. :issue:3074
  • Fixes for :pep:451 import loaders and pytest 5.x. :issue:3275
  • Show message about dotenv on stderr instead of stdout. :issue:3285

v1.0.3

Compare Source

Released 2019-05-17

  • send_file encodes filenames as ASCII instead of Latin-1
    (ISO-8859-1). This fixes compatibility with Gunicorn, which is
    stricter about header encodings than :pep:3333. :issue:2766
  • Allow custom CLIs using FlaskGroup to set the debug flag without
    it always being overwritten based on environment variables.
    :pr:2765
  • flask --version outputs Werkzeug's version and simplifies the
    Python version. :pr:2825
  • send_file handles an attachment_filename that is a native
    Python 2 string (bytes) with UTF-8 coded bytes. :issue:2933
  • A catch-all error handler registered for HTTPException will not
    handle RoutingException, which is used internally during
    routing. This fixes the unexpected behavior that had been introduced
    in 1.0. :pr:2986
  • Passing the json argument to app.test_client does not
    push/pop an extra app context. :issue:2900

  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot added the security fix Security fix generated by Mend label May 3, 2023
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 2 times, most recently from 524afee to d332c46 Compare August 29, 2023 04:56
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 2 times, most recently from fa539e5 to 61786bc Compare September 6, 2023 05:13
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 4 times, most recently from 23edd4a to 95fb5b3 Compare September 18, 2023 04:21
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 4 times, most recently from a0b55ab to e325f3a Compare October 11, 2023 07:03
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 4 times, most recently from 9d30799 to 0c45cfa Compare October 26, 2023 12:11
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 2 times, most recently from c11d525 to c5ead88 Compare October 31, 2023 04:45
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 3 times, most recently from aa1b4cb to 131e343 Compare November 23, 2023 05:30
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 2 times, most recently from 3800276 to 714bb3f Compare November 30, 2023 04:57
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 2 times, most recently from fcb5cf8 to 5dd981d Compare December 11, 2023 05:01
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 3 times, most recently from d2e7213 to ba7f4c0 Compare December 19, 2023 05:10
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch from ba7f4c0 to b6bf964 Compare December 21, 2023 01:36
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 4 times, most recently from 171c1ac to 1d4fec2 Compare August 17, 2024 01:35
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 3 times, most recently from f81c228 to f0322c0 Compare August 26, 2024 21:24
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 4 times, most recently from 2922206 to 48d8ab5 Compare September 6, 2024 00:15
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 2 times, most recently from dc1003e to 8d45294 Compare September 8, 2024 20:32
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 5 times, most recently from 8118946 to 7316beb Compare September 27, 2024 21:32
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 2 times, most recently from 2c4136c to 5730ba4 Compare October 5, 2024 21:48
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 2 times, most recently from 8261a8e to d30efcc Compare October 11, 2024 03:25
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch from d30efcc to e67de8a Compare October 19, 2024 00:27
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch 2 times, most recently from d868af3 to 942b75c Compare November 1, 2024 18:14
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch from 942b75c to a16ae2a Compare November 15, 2024 03:49
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch from a16ae2a to e5345ce Compare December 18, 2024 12:09
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch from e5345ce to 5bcb01f Compare January 9, 2025 18:13
@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/flask-2.x branch from 5bcb01f to e788f45 Compare January 21, 2025 13:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
security fix Security fix generated by Mend
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants