Bump werkzeug from 2.3.4 to 2.3.6 #5901

dependabot · 2023-06-09T11:09:04Z

Bumps werkzeug from 2.3.4 to 2.3.6.

Release notes

2.3.6

This is a fix release for the 2.3.x feature branch.

Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-6

Milestone: https://github.com/pallets/werkzeug/milestone/32?closed=1

2.3.5

This is a fix release for the 2.3.x feature branch.

Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-5

Milestone: https://github.com/pallets/werkzeug/milestone/31?closed=1

Changelog

Sourced from werkzeug's changelog.

Version 2.3.6

Released 2023-06-08

FileStorage.content_length does not fail if the form data did not provide a value. :issue:2726

Version 2.3.5

Released 2023-06-07

Python 3.12 compatibility. :issue:2704

Fix handling of invalid base64 values in Authorization.from_header. :issue:2717

The debugger escapes the exception message in the page title. :pr:2719

When binding routing.Map, a long IDNA server_name with a port does not fail encoding. :issue:2700

iri_to_uri shows a deprecation warning instead of an error when passing bytes. :issue:2708

When parsing numbers in HTTP request headers such as Content-Length, only ASCII digits are accepted rather than any format that Python's int and float accept. :issue:2716

Commits

c6f3c2a release version 2.3.6
f91304f remove docs links from docstrings
bb24506 FileStorage.content_length does not fail if no length was provided (#2727)
a184111 fix parsing error in FileStorage.content_length
3a8de8d start version 2.3.6
62b7ed6 release version 2.3.5 (#2724)
2c9b513 release version 2.3.5
86c5c78 fail on Python's extended int/float syntax (#2723)
6290332 fail on Python's extended int/float syntax
1892c10 show warning instead of error when passing bytes to iri_to_uri (#2709)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [werkzeug](https://github.com/pallets/werkzeug) from 2.3.4 to 2.3.6. - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](pallets/werkzeug@2.3.4...2.3.6) --- updated-dependencies: - dependency-name: werkzeug dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>

Aadesh-Baral · 2023-07-06T09:09:12Z

@dependabot rebase

dependabot · 2023-07-06T09:09:14Z

Looks like this PR is already up-to-date with develop! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.