Update flask to 1.0.3

[pyup-bot]

This PR updates flask from 0.10.1 to 1.0.3.

Changelog

1.0.3

-------------

Unreleased

-   :func:`send_file` encodes filenames as ASCII instead of Latin-1
 (ISO-8859-1). This fixes compatibility with Gunicorn, which is
 stricter about header encodings than PEP 3333. (`2766`_)
-   Allow custom CLIs using ``FlaskGroup`` to set the debug flag without
 it always being overwritten based on environment variables.
 (`2765`_)
-   ``flask --version`` outputs Werkzeug's version and simplifies the
 Python version. (`2825`_)
-   :func:`send_file` handles an ``attachment_filename`` that is a
 native Python 2 string (bytes) with UTF-8 coded bytes. (`2933`_)
-   A catch-all error handler registered for ``HTTPException`` will not
 handle ``RoutingException``, which is used internally during
 routing. This fixes the unexpected behavior that had been introduced
 in 1.0. (`2986`_)

.. _2766: https://github.com/pallets/flask/issues/2766
.. _2765: https://github.com/pallets/flask/pull/2765
.. _2825: https://github.com/pallets/flask/pull/2825
.. _2933: https://github.com/pallets/flask/issues/2933
.. _2986: https://github.com/pallets/flask/pull/2986

1.0.2

-------------

Released on May 2nd 2018

-   Fix more backwards compatibility issues with merging slashes between
 a blueprint prefix and route. (`2748`_)
-   Fix error with ``flask routes`` command when there are no routes.
 (`2751`_)

.. _2748: https://github.com/pallets/flask/pull/2748
.. _2751: https://github.com/pallets/flask/issues/2751

1.0.1

-------------

Released on April 29th 2018

-   Fix registering partials (with no ``__name__``) as view functions.
 (`2730`_)
-   Don't treat lists returned from view functions the same as tuples.
 Only tuples are interpreted as response data. (`2736`_)
-   Extra slashes between a blueprint's ``url_prefix`` and a route URL
 are merged. This fixes some backwards compatibility issues with the
 change in 1.0. (`2731`_, `2742`_)
-   Only trap ``BadRequestKeyError`` errors in debug mode, not all
 ``BadRequest`` errors. This allows ``abort(400)`` to continue
 working as expected. (`2735`_)
-   The ``FLASK_SKIP_DOTENV`` environment variable can be set to ``1``
 to skip automatically loading dotenv files. (`2722`_)

.. _2722: https://github.com/pallets/flask/issues/2722
.. _2730: https://github.com/pallets/flask/pull/2730
.. _2731: https://github.com/pallets/flask/issues/2731
.. _2735: https://github.com/pallets/flask/issues/2735
.. _2736: https://github.com/pallets/flask/issues/2736
.. _2742: https://github.com/pallets/flask/issues/2742

1.0

-----------

Released on April 26th 2018

-   **Python 2.6 and 3.3 are no longer supported.** (`pallets/meta24`_)
-   Bump minimum dependency versions to the latest stable versions:
 Werkzeug >= 0.14, Jinja >= 2.10, itsdangerous >= 0.24, Click >= 5.1.
 (`2586`_)
-   Skip :meth:`app.run <Flask.run>` when a Flask application is run
 from the command line. This avoids some behavior that was confusing
 to debug.
-   Change the default for :data:`JSONIFY_PRETTYPRINT_REGULAR` to
 ``False``. :func:`~json.jsonify` returns a compact format by
 default, and an indented format in debug mode. (`2193`_)
-   :meth:`Flask.__init__ <Flask>` accepts the ``host_matching``
 argument and sets it on :attr:`~Flask.url_map`. (`1559`_)
-   :meth:`Flask.__init__ <Flask>` accepts the ``static_host`` argument
 and passes it as the ``host`` argument when defining the static
 route. (`1559`_)
-   :func:`send_file` supports Unicode in ``attachment_filename``.
 (`2223`_)
-   Pass ``_scheme`` argument from :func:`url_for` to
 :meth:`~Flask.handle_url_build_error`. (`2017`_)
-   :meth:`~Flask.add_url_rule` accepts the
 ``provide_automatic_options`` argument to disable adding the
 ``OPTIONS`` method. (`1489`_)
-   :class:`~views.MethodView` subclasses inherit method handlers from
 base classes. (`1936`_)
-   Errors caused while opening the session at the beginning of the
 request are handled by the app's error handlers. (`2254`_)
-   Blueprints gained :attr:`~Blueprint.json_encoder` and
 :attr:`~Blueprint.json_decoder` attributes to override the app's
 encoder and decoder. (`1898`_)
-   :meth:`Flask.make_response` raises ``TypeError`` instead of
 ``ValueError`` for bad response types. The error messages have been
 improved to describe why the type is invalid. (`2256`_)
-   Add ``routes`` CLI command to output routes registered on the
 application. (`2259`_)
-   Show warning when session cookie domain is a bare hostname or an IP
 address, as these may not behave properly in some browsers, such as
 Chrome. (`2282`_)
-   Allow IP address as exact session cookie domain. (`2282`_)
-   ``SESSION_COOKIE_DOMAIN`` is set if it is detected through
 ``SERVER_NAME``. (`2282`_)
-   Auto-detect zero-argument app factory called ``create_app`` or
 ``make_app`` from ``FLASK_APP``. (`2297`_)
-   Factory functions are not required to take a ``script_info``
 parameter to work with the ``flask`` command. If they take a single
 parameter or a parameter named ``script_info``, the
 :class:`~cli.ScriptInfo` object will be passed. (`2319`_)
-   ``FLASK_APP`` can be set to an app factory, with arguments if
 needed, for example ``FLASK_APP=myproject.app:create_app('dev')``.
 (`2326`_)
-   ``FLASK_APP`` can point to local packages that are not installed in
 editable mode, although ``pip install -e`` is still preferred.
 (`2414`_)
-   The :class:`~views.View` class attribute
 :attr:`~views.View.provide_automatic_options` is set in
 :meth:`~views.View.as_view`, to be detected by
 :meth:`~Flask.add_url_rule`. (`2316`_)
-   Error handling will try handlers registered for ``blueprint, code``,
 ``app, code``, ``blueprint, exception``, ``app, exception``.
 (`2314`_)
-   ``Cookie`` is added to the response's ``Vary`` header if the session
 is accessed at all during the request (and not deleted). (`2288`_)
-   :meth:`~Flask.test_request_context` accepts ``subdomain`` and
 ``url_scheme`` arguments for use when building the base URL.
 (`1621`_)
-   Set :data:`APPLICATION_ROOT` to ``'/'`` by default. This was already
 the implicit default when it was set to ``None``.
-   :data:`TRAP_BAD_REQUEST_ERRORS` is enabled by default in debug mode.
 ``BadRequestKeyError`` has a message with the bad key in debug mode
 instead of the generic bad request message. (`2348`_)
-   Allow registering new tags with
 :class:`~json.tag.TaggedJSONSerializer` to support storing other
 types in the session cookie. (`2352`_)
-   Only open the session if the request has not been pushed onto the
 context stack yet. This allows :func:`~stream_with_context`
 generators to access the same session that the containing view uses.
 (`2354`_)
-   Add ``json`` keyword argument for the test client request methods.
 This will dump the given object as JSON and set the appropriate
 content type. (`2358`_)
-   Extract JSON handling to a mixin applied to both the
 :class:`Request` and :class:`Response` classes. This adds the
 :meth:`~Response.is_json` and :meth:`~Response.get_json` methods to
 the response to make testing JSON response much easier. (`2358`_)
-   Removed error handler caching because it caused unexpected results
 for some exception inheritance hierarchies. Register handlers
 explicitly for each exception if you want to avoid traversing the
 MRO. (`2362`_)
-   Fix incorrect JSON encoding of aware, non-UTC datetimes. (`2374`_)
-   Template auto reloading will honor debug mode even even if
 :attr:`~Flask.jinja_env` was already accessed. (`2373`_)
-   The following old deprecated code was removed. (`2385`_)

 -   ``flask.ext`` - import extensions directly by their name instead
     of through the ``flask.ext`` namespace. For example,
     ``import flask.ext.sqlalchemy`` becomes
     ``import flask_sqlalchemy``.
 -   ``Flask.init_jinja_globals`` - extend
     :meth:`Flask.create_jinja_environment` instead.
 -   ``Flask.error_handlers`` - tracked by
     :attr:`Flask.error_handler_spec`, use :meth:`Flask.errorhandler`
     to register handlers.
 -   ``Flask.request_globals_class`` - use
     :attr:`Flask.app_ctx_globals_class` instead.
 -   ``Flask.static_path`` - use :attr:`Flask.static_url_path`
     instead.
 -   ``Request.module`` - use :attr:`Request.blueprint` instead.

-   The :attr:`Request.json` property is no longer deprecated.
 (`1421`_)
-   Support passing a :class:`~werkzeug.test.EnvironBuilder` or
 ``dict`` to :meth:`test_client.open <werkzeug.test.Client.open>`.
 (`2412`_)
-   The ``flask`` command and :meth:`Flask.run` will load environment
 variables from ``.env`` and ``.flaskenv`` files if python-dotenv is
 installed. (`2416`_)
-   When passing a full URL to the test client, the scheme in the URL is
 used instead of :data:`PREFERRED_URL_SCHEME`. (`2430`_)
-   :attr:`Flask.logger` has been simplified. ``LOGGER_NAME`` and
 ``LOGGER_HANDLER_POLICY`` config was removed. The logger is always
 named ``flask.app``. The level is only set on first access, it
 doesn't check :attr:`Flask.debug` each time. Only one format is
 used, not different ones depending on :attr:`Flask.debug`. No
 handlers are removed, and a handler is only added if no handlers are
 already configured. (`2436`_)
-   Blueprint view function names may not contain dots. (`2450`_)
-   Fix a ``ValueError`` caused by invalid ``Range`` requests in some
 cases. (`2526`_)
-   The development server uses threads by default. (`2529`_)
-   Loading config files with ``silent=True`` will ignore
 :data:`~errno.ENOTDIR` errors. (`2581`_)
-   Pass ``--cert`` and ``--key`` options to ``flask run`` to run the
 development server over HTTPS. (`2606`_)
-   Added :data:`SESSION_COOKIE_SAMESITE` to control the ``SameSite``
 attribute on the session cookie. (`2607`_)
-   Added :meth:`~flask.Flask.test_cli_runner` to create a Click runner
 that can invoke Flask CLI commands for testing. (`2636`_)
-   Subdomain matching is disabled by default and setting
 :data:`SERVER_NAME` does not implicitly enable it. It can be enabled
 by passing ``subdomain_matching=True`` to the ``Flask`` constructor.
 (`2635`_)
-   A single trailing slash is stripped from the blueprint
 ``url_prefix`` when it is registered with the app. (`2629`_)
-   :meth:`Request.get_json` doesn't cache the
 result if parsing fails when ``silent`` is true. (`2651`_)
-   :func:`Request.get_json` no longer accepts arbitrary encodings.
 Incoming JSON should be encoded using UTF-8 per :rfc:`8259`, but
 Flask will autodetect UTF-8, -16, or -32. (`2691`_)
-   Added :data:`MAX_COOKIE_SIZE` and :attr:`Response.max_cookie_size`
 to control when Werkzeug warns about large cookies that browsers may
 ignore. (`2693`_)
-   Updated documentation theme to make docs look better in small
 windows. (`2709`_)
-   Rewrote the tutorial docs and example project to take a more
 structured approach to help new users avoid common pitfalls.
 (`2676`_)

.. _pallets/meta24: https://github.com/pallets/meta/issues/24
.. _1421: https://github.com/pallets/flask/issues/1421
.. _1489: https://github.com/pallets/flask/pull/1489
.. _1559: https://github.com/pallets/flask/issues/1559
.. _1621: https://github.com/pallets/flask/pull/1621
.. _1898: https://github.com/pallets/flask/pull/1898
.. _1936: https://github.com/pallets/flask/pull/1936
.. _2017: https://github.com/pallets/flask/pull/2017
.. _2193: https://github.com/pallets/flask/pull/2193
.. _2223: https://github.com/pallets/flask/pull/2223
.. _2254: https://github.com/pallets/flask/pull/2254
.. _2256: https://github.com/pallets/flask/pull/2256
.. _2259: https://github.com/pallets/flask/pull/2259
.. _2282: https://github.com/pallets/flask/pull/2282
.. _2288: https://github.com/pallets/flask/pull/2288
.. _2297: https://github.com/pallets/flask/pull/2297
.. _2314: https://github.com/pallets/flask/pull/2314
.. _2316: https://github.com/pallets/flask/pull/2316
.. _2319: https://github.com/pallets/flask/pull/2319
.. _2326: https://github.com/pallets/flask/pull/2326
.. _2348: https://github.com/pallets/flask/pull/2348
.. _2352: https://github.com/pallets/flask/pull/2352
.. _2354: https://github.com/pallets/flask/pull/2354
.. _2358: https://github.com/pallets/flask/pull/2358
.. _2362: https://github.com/pallets/flask/pull/2362
.. _2374: https://github.com/pallets/flask/pull/2374
.. _2373: https://github.com/pallets/flask/pull/2373
.. _2385: https://github.com/pallets/flask/issues/2385
.. _2412: https://github.com/pallets/flask/pull/2412
.. _2414: https://github.com/pallets/flask/pull/2414
.. _2416: https://github.com/pallets/flask/pull/2416
.. _2430: https://github.com/pallets/flask/pull/2430
.. _2436: https://github.com/pallets/flask/pull/2436
.. _2450: https://github.com/pallets/flask/pull/2450
.. _2526: https://github.com/pallets/flask/issues/2526
.. _2529: https://github.com/pallets/flask/pull/2529
.. _2586: https://github.com/pallets/flask/issues/2586
.. _2581: https://github.com/pallets/flask/pull/2581
.. _2606: https://github.com/pallets/flask/pull/2606
.. _2607: https://github.com/pallets/flask/pull/2607
.. _2636: https://github.com/pallets/flask/pull/2636
.. _2635: https://github.com/pallets/flask/pull/2635
.. _2629: https://github.com/pallets/flask/pull/2629
.. _2651: https://github.com/pallets/flask/issues/2651
.. _2676: https://github.com/pallets/flask/pull/2676
.. _2691: https://github.com/pallets/flask/pull/2691
.. _2693: https://github.com/pallets/flask/pull/2693
.. _2709: https://github.com/pallets/flask/pull/2709

0.12.4

--------------

Released on April 29 2018

-   Repackage 0.12.3 to fix package layout issue. (`2728`_)

.. _2728: https://github.com/pallets/flask/issues/2728

0.12.3

--------------

Released on April 26th 2018

-   :func:`Request.get_json` no longer accepts arbitrary encodings.
 Incoming JSON should be encoded using UTF-8 per :rfc:`8259`, but
 Flask will autodetect UTF-8, -16, or -32. (`2692`_)
-   Fix a Python warning about imports when using ``python -m flask``.
 (`2666`_)
-   Fix a ``ValueError`` caused by invalid ``Range`` requests in some
 cases.

.. _2666: https://github.com/pallets/flask/issues/2666
.. _2692: https://github.com/pallets/flask/issues/2692

0.12.2

--------------

Released on May 16 2017

- Fix a bug in `safe_join` on Windows.

0.12.1

--------------

Bugfix release, released on March 31st 2017

- Prevent `flask run` from showing a NoAppException when an ImportError occurs
within the imported application module.
- Fix encoding behavior of ``app.config.from_pyfile`` for Python 3. Fix
``2118``.
- Use the ``SERVER_NAME`` config if it is present as default values for
``app.run``. ``2109``, ``2152``
- Call `ctx.auto_pop` with the exception object instead of `None`, in the
event that a `BaseException` such as `KeyboardInterrupt` is raised in a
request handler.

0.12

------------

Released on December 21st 2016, codename Punsch.

- the cli command now responds to `--version`.
- Mimetype guessing and ETag generation for file-like objects in ``send_file``
has been removed, as per issue ``104``. (`1849`_)
- Mimetype guessing in ``send_file`` now fails loudly and doesn't fall back to
``application/octet-stream``. (`1988`_)
- Make ``flask.safe_join`` able to join multiple paths like ``os.path.join``
(`1730`_).
- Revert a behavior change that made the dev server crash instead of returning
an Internal Server Error (`2006`_).
- Correctly invoke response handlers for both regular request dispatching as
well as error handlers.
- Disable logger propagation by default for the app logger.
- Add support for range requests in ``send_file``.
- ``app.test_client`` includes preset default environment, which can now be
directly set, instead of per ``client.get``.

.. _1849: https://github.com/pallets/flask/pull/1849
.. _1988: https://github.com/pallets/flask/pull/1988
.. _1730: https://github.com/pallets/flask/pull/1730
.. _2006: https://github.com/pallets/flask/pull/2006

0.11.2

--------------

Bugfix release, unreleased

- Fix crash when running under PyPy3. (`1814`_)

.. _1814: https://github.com/pallets/flask/pull/1814

0.11.1

--------------

Bugfix release, released on June 7th 2016.

- Fixed a bug that prevented ``FLASK_APP=foobar/__init__.py`` from working. (`1872`_)

.. _1872: https://github.com/pallets/flask/pull/1872

0.11

------------

Released on May 29th 2016, codename Absinthe.

- Added support to serializing top-level arrays to :func:`flask.jsonify`. This
introduces a security risk in ancient browsers. See
:ref:`json-security` for details.
- Added before_render_template signal.
- Added `**kwargs` to :meth:`flask.Test.test_client` to support passing
additional keyword arguments to the constructor of
:attr:`flask.Flask.test_client_class`.
- Added ``SESSION_REFRESH_EACH_REQUEST`` config key that controls the
set-cookie behavior.  If set to ``True`` a permanent session will be
refreshed each request and get their lifetime extended, if set to
``False`` it will only be modified if the session actually modifies.
Non permanent sessions are not affected by this and will always
expire if the browser window closes.
- Made Flask support custom JSON mimetypes for incoming data.
- Added support for returning tuples in the form ``(response, headers)``
from a view function.
- Added :meth:`flask.Config.from_json`.
- Added :attr:`flask.Flask.config_class`.
- Added :meth:`flask.Config.get_namespace`.
- Templates are no longer automatically reloaded outside of debug mode. This
can be configured with the new ``TEMPLATES_AUTO_RELOAD`` config key.
- Added a workaround for a limitation in Python 3.3's namespace loader.
- Added support for explicit root paths when using Python 3.3's namespace
packages.
- Added :command:`flask` and the ``flask.cli`` module to start the local
debug server through the click CLI system.  This is recommended over the old
``flask.run()`` method as it works faster and more reliable due to a
different design and also replaces ``Flask-Script``.
- Error handlers that match specific classes are now checked first,
thereby allowing catching exceptions that are subclasses of HTTP
exceptions (in ``werkzeug.exceptions``).  This makes it possible
for an extension author to create exceptions that will by default
result in the HTTP error of their choosing, but may be caught with
a custom error handler if desired.
- Added :meth:`flask.Config.from_mapping`.
- Flask will now log by default even if debug is disabled.  The log format is
now hardcoded but the default log handling can be disabled through the
``LOGGER_HANDLER_POLICY`` configuration key.
- Removed deprecated module functionality.
- Added the ``EXPLAIN_TEMPLATE_LOADING`` config flag which when enabled will
instruct Flask to explain how it locates templates.  This should help
users debug when the wrong templates are loaded.
- Enforce blueprint handling in the order they were registered for template
loading.
- Ported test suite to py.test.
- Deprecated ``request.json`` in favour of ``request.get_json()``.
- Add "pretty" and "compressed" separators definitions in jsonify() method.
Reduces JSON response size when JSONIFY_PRETTYPRINT_REGULAR=False by removing
unnecessary white space included by default after separators.
- JSON responses are now terminated with a newline character, because it is a
convention that UNIX text files end with a newline and some clients don't
deal well when this newline is missing. See
https://github.com/pallets/flask/pull/1262 -- this came up originally as a
part of https://github.com/kennethreitz/httpbin/issues/168
- The automatically provided ``OPTIONS`` method is now correctly disabled if
the user registered an overriding rule with the lowercase-version
``options`` (issue ``1288``).
- ``flask.json.jsonify`` now supports the ``datetime.date`` type (`1326`_).
- Don't leak exception info of already catched exceptions to context teardown
handlers (`1393`_).
- Allow custom Jinja environment subclasses (`1422`_).
- Updated extension dev guidelines.

- ``flask.g`` now has ``pop()`` and ``setdefault`` methods.
- Turn on autoescape for ``flask.templating.render_template_string`` by default
(`1515`_).
- ``flask.ext`` is now deprecated (`1484`_).
- ``send_from_directory`` now raises BadRequest if the filename is invalid on
the server OS (`1763`_).
- Added the ``JSONIFY_MIMETYPE`` configuration variable (`1728`_).
- Exceptions during teardown handling will no longer leave bad application
contexts lingering around.

.. _1326: https://github.com/pallets/flask/pull/1326
.. _1393: https://github.com/pallets/flask/pull/1393
.. _1422: https://github.com/pallets/flask/pull/1422
.. _1515: https://github.com/pallets/flask/pull/1515
.. _1484: https://github.com/pallets/flask/pull/1484
.. _1763: https://github.com/pallets/flask/pull/1763
.. _1728: https://github.com/pallets/flask/pull/1728

0.10.2

--------------

(bugfix release, release date to be announced)

- Fixed broken `test_appcontext_signals()` test case.
- Raise an :exc:`AttributeError` in :func:`flask.helpers.find_package` with a
useful message explaining why it is raised when a PEP 302 import hook is used
without an `is_package()` method.
- Fixed an issue causing exceptions raised before entering a request or app
context to be passed to teardown handlers.
- Fixed an issue with query parameters getting removed from requests in
the test client when absolute URLs were requested.
- Made `before_first_request` into a decorator as intended.
- Fixed an etags bug when sending a file streams with a name.
- Fixed `send_from_directory` not expanding to the application root path
correctly.
- Changed logic of before first request handlers to flip the flag after
invoking.  This will allow some uses that are potentially dangerous but
should probably be permitted.
- Fixed Python 3 bug when a handler from `app.url_build_error_handlers`
reraises the `BuildError`.

Links

• PyPI: https://pypi.org/project/flask
• Changelog: https://pyup.io/changelogs/flask/
• Homepage: https://www.palletsprojects.com/p/flask/

[pyup-bot]

Closing this in favor of #318