- Update to 3.1.0:
* Drop support for Python 3.8.
* Update minimum dependency versions to latest feature releases.
Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9.
* Provide a configuration option to control automatic option responses.
* Flask.open_resource/open_instance_resource and Blueprint.open_resource
take an encoding parameter to use when opening in text mode. It defaults
to utf-8.
* Request.max_content_length can be customized per-request instead of only
through the MAX_CONTENT_LENGTH config.
* Add support for the Partitioned cookie attribute (CHIPS), with the
SESSION_COOKIE_PARTITIONED config.
* -e path takes precedence over default .env and .flaskenv files.
load_dotenv loads default files in addition to a path unless
load_defaults=False is passed.
* Support key rotation with the SECRET_KEY_FALLBACKS config, a list of old
secret keys that can still be used for unsigning.
* Fix how setting host_matching=True or subdomain_matching=False interacts
with SERVER_NAME. Setting SERVER_NAME no longer restricts requests to
only that domain.
* Request.trusted_hosts is checked during routing, and can be set through
the TRUSTED_HOSTS config.
OBS-URL: https://build.opensuse.org/request/show/1244038
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Flask?expand=0&rev=42
* Drop support for Python 3.8.
* Update minimum dependency versions to latest feature releases.
Werkzeug >= 3.1, ItsDangerous >= 2.2, Blinker >= 1.9.
* Provide a configuration option to control automatic option responses.
* Flask.open_resource/open_instance_resource and Blueprint.open_resource
take an encoding parameter to use when opening in text mode. It defaults
to utf-8.
* Request.max_content_length can be customized per-request instead of only
through the MAX_CONTENT_LENGTH config.
* Add support for the Partitioned cookie attribute (CHIPS), with the
SESSION_COOKIE_PARTITIONED config.
* -e path takes precedence over default .env and .flaskenv files.
load_dotenv loads default files in addition to a path unless
load_defaults=False is passed.
* Support key rotation with the SECRET_KEY_FALLBACKS config, a list of old
secret keys that can still be used for unsigning.
* Fix how setting host_matching=True or subdomain_matching=False interacts
with SERVER_NAME. Setting SERVER_NAME no longer restricts requests to
only that domain.
* Request.trusted_hosts is checked during routing, and can be set through
the TRUSTED_HOSTS config.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask?expand=0&rev=50
- update to 3.0.1:
* Correct type for path argument to send_file. :issue:`5230`
* Fix a typo in an error message for the flask run --key
option. :pr:`5344`
* Session data is untagged without relying on the built-in
json.loads object_hook. This allows other JSON providers that
don't implement that. :issue:`5381`
* Address more type findings when using mypy strict mode.
:pr:`5383`
* Remove previously deprecated code. :pr:`5223`
* Deprecate the __version__ attribute. Use feature detection,
or importlib.metadata.version("flask"), instead.
:issue:`5230`
* Restructure the code such that the Flask (app) and Blueprint
classes have Sans-IO bases. :pr:`5127`
* Allow self as an argument to url_for. :pr:`5264`
* Require Werkzeug >= 3.0.0.
* Add an --exclude-patterns option to the flask run CLI command to
* Relax typing for errorhandler to allow the user to use more precise
* From Werkzeug, for redirect responses the Location header URL will
* Add Config.from_prefixed_env() to load config values from environment
variables that start with FLASK_ or another prefix. This parses values as
* Fixed the issue where typing requires template global decorators to
- Set the default encoding to “UTF-8” when loading .env and .flaskenv
- flask shell sets up tab and history completion like the default
- add dependency on itsdangerous
OBS-URL: https://build.opensuse.org/request/show/1140137
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Flask?expand=0&rev=38
* Correct type for path argument to send_file. :issue:`5230`
* Fix a typo in an error message for the flask run --key
option. :pr:`5344`
* Session data is untagged without relying on the built-in
json.loads object_hook. This allows other JSON providers that
don't implement that. :issue:`5381`
* Address more type findings when using mypy strict mode.
:pr:`5383`
* Remove previously deprecated code. :pr:`5223`
* Deprecate the __version__ attribute. Use feature detection,
or importlib.metadata.version("flask"), instead.
:issue:`5230`
* Restructure the code such that the Flask (app) and Blueprint
classes have Sans-IO bases. :pr:`5127`
* Allow self as an argument to url_for. :pr:`5264`
* Require Werkzeug >= 3.0.0.
* Add an --exclude-patterns option to the flask run CLI command to
* Relax typing for errorhandler to allow the user to use more precise
* From Werkzeug, for redirect responses the Location header URL will
* Add Config.from_prefixed_env() to load config values from environment
variables that start with FLASK_ or another prefix. This parses values as
* Fixed the issue where typing requires template global decorators to
- Set the default encoding to “UTF-8” when loading .env and .flaskenv
- flask shell sets up tab and history completion like the default
- add dependency on itsdangerous
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask?expand=0&rev=42
* Python 3.12 compatibility.
* Require Werkzeug >= 2.3.7.
* Use ``flit_core`` instead of ``setuptools`` as build backend.
* Refactor how an app's root and instance paths are determined.
- Fiddle with captialisation again, I look forward to this flipping back
to Flask at some point.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask?expand=0&rev=40
- Update to 2.3.2:
* Set ``Vary: Cookie`` header when the session is accessed, modified, or
refreshed.
* Update Werkzeug requirement to >=2.3.3 to apply recent bug fixes.
* Restore deprecated ``from flask import Markup``.
* Drop support for Python 3.7.
* Update minimum requirements to the latest versions.
* Remove previously deprecated code.
* Importing ``escape`` and ``Markup`` from ``flask`` is deprecated.
* The ``app.got_first_request`` property is deprecated.
* The ``locked_cached_property`` decorator is deprecated.
* Signals are always available. ``blinker>=1.6.2`` is a required dependency.
* Signals support ``async`` subscriber functions.
* Remove uses of locks that could cause requests to block each other very
briefly.
* Use modern packaging metadata with ``pyproject.toml``.
* Ensure subdomains are applied with nested blueprints.
* If a blueprint is created with an empty name it raises a ``ValueError``.
* ``SESSION_COOKIE_DOMAIN`` does not fall back to ``SERVER_NAME``.
* The ``routes`` command shows each rule's ``subdomain`` or ``host``
when domain matching is in use.
* Use postponed evaluation of annotations.
- Switch to pyproject macros.
- Delete unneeded .gitignore files, update rpmlintrc
OBS-URL: https://build.opensuse.org/request/show/1101890
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Flask?expand=0&rev=35
* Set ``Vary: Cookie`` header when the session is accessed, modified, or
refreshed.
* Update Werkzeug requirement to >=2.3.3 to apply recent bug fixes.
* Restore deprecated ``from flask import Markup``.
* Drop support for Python 3.7.
* Update minimum requirements to the latest versions.
* Remove previously deprecated code.
* Importing ``escape`` and ``Markup`` from ``flask`` is deprecated.
* The ``app.got_first_request`` property is deprecated.
* The ``locked_cached_property`` decorator is deprecated.
* Signals are always available. ``blinker>=1.6.2`` is a required dependency.
* Signals support ``async`` subscriber functions.
* Remove uses of locks that could cause requests to block each other very
briefly.
* Use modern packaging metadata with ``pyproject.toml``.
* Ensure subdomains are applied with nested blueprints.
* If a blueprint is created with an empty name it raises a ``ValueError``.
* ``SESSION_COOKIE_DOMAIN`` does not fall back to ``SERVER_NAME``.
* The ``routes`` command shows each rule's ``subdomain`` or ``host``
when domain matching is in use.
* Use postponed evaluation of annotations.
- Switch to pyproject macros.
- Delete unneeded .gitignore files, update rpmlintrc
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask?expand=0&rev=36
- update to 2.2.5 (bsc#1211246, CVE-2023-30861):
* Set ``Vary: Cookie`` header when the session is accessed,
modified, or refreshed.
* Update for compatibility with Werkzeug 2.3.
* Autoescape is enabled by default for ``.svg`` template
files. :issue:`4831`
* Fix the type of ``template_folder`` to accept
``pathlib.Path``. :issue:`4892`
* Add ``--debug`` option to the ``flask run`` command.
:issue:`4777`
OBS-URL: https://build.opensuse.org/request/show/1086038
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Flask?expand=0&rev=34
* Set ``Vary: Cookie`` header when the session is accessed,
modified, or refreshed.
* Update for compatibility with Werkzeug 2.3.
* Autoescape is enabled by default for ``.svg`` template
files. :issue:`4831`
* Fix the type of ``template_folder`` to accept
``pathlib.Path``. :issue:`4892`
* Add ``--debug`` option to the ``flask run`` command.
:issue:`4777`
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:flask/python-Flask?expand=0&rev=34
- Update to 2.0.3
* The test client's ``as_tuple`` parameter is deprecated and will be
removed in Werkzeug 2.1. It is now also deprecated in Flask, to be
removed in Flask 2.1, while remaining compatible with both in
2.0.x. Use ``response.request.environ`` instead. PR#4341
* Fix type annotation for ``errorhandler`` decorator. #4295
* Revert a change to the CLI that caused it to hide ``ImportError``
tracebacks when importing the application. #4307
* ``app.json_encoder`` and ``json_decoder`` are only passed to
``dumps`` and ``loads`` if they have custom behavior. This improves
performance, mainly on PyPy. #4349
* Clearer error message when ``after_this_request`` is used outside a
request context. #4333
OBS-URL: https://build.opensuse.org/request/show/954385
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Flask?expand=0&rev=28
- Update to 1.1.1:
* The flask.json_available flag was added back for compatibility with some
extensions. It will raise a deprecation warning when used, and will be
removed in version 2.0.0. #3288
- specfile:
* updated version of Werkzeug requirement to 0.15
* AUTHORS file not in tar-ball
* license file got renamed to LICENSE.rst
* be more specific in %files section
- update to version 1.1.0:
* Bump minimum Werkzeug version to >= 0.15.
* Drop support for Python 3.4.
* Error handlers for "InternalServerError" or "500" will always be
passed an instance of "InternalServerError". If they are invoked
due to an unhandled exception, that original exception is now
available as "e.original_exception" rather than being passed
directly to the handler. The same is true if the handler is for
the base "HTTPException". This makes error handler behavior more
consistent. :pr:`3266`
+ :meth:`Flask.finalize_request` is called for all unhandled
exceptions even if there is no "500" error handler.
* :attr:`Flask.logger` takes the same name as :attr:`Flask.name`
(the value passed as "Flask(import_name)". This reverts 1.0's
behavior of always logging to ""flask.app"", in order to support
multiple apps in the same process. A warning will be shown if
old configuration is detected that needs to be
moved. :issue:`2866`
* :meth:`flask.RequestContext.copy` includes the current session
object in the request context copy. This prevents "session"
OBS-URL: https://build.opensuse.org/request/show/717080
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-Flask?expand=0&rev=21
