From 4ccaec4a14f2d0b50fcefe8207a51d491551b7e2 Mon Sep 17 00:00:00 2001
From: Louis Dionne <ldionne.2@gmail.com>
Date: Mon, 6 Oct 2025 09:45:24 -0400
Subject: [PATCH] [deps] Bump Werkzeug to 3.1.3

This resolves several Dependabot alerts. Move the pinning down to
requirements.server.text.

Supersedes #26
---
 lnt/server/ui/app.py              |  5 +++--
 lnt/server/ui/regression_views.py |  4 ++--
 requirements.client.txt           |  2 +-
 requirements.server.txt           | 14 +++++++-------
 4 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/lnt/server/ui/app.py b/lnt/server/ui/app.py
index 4ee6436f..b32a9d56 100644
--- a/lnt/server/ui/app.py
+++ b/lnt/server/ui/app.py
@@ -1,4 +1,5 @@
 import io
+import json
 import logging
 import logging.handlers
 import sys
@@ -46,7 +47,7 @@ def __call__(self, environ, start_response):
         return self.app(environ, start_response)
 
 
-class LNTObjectJSONEncoder(flask.json.JSONEncoder):
+class LNTObjectJSONEncoder(json.JSONEncoder):
     """Take SQLAlchemy objects and jsonify them. If the object has an __json__
     method, use that instead."""
 
@@ -74,7 +75,7 @@ def default(self, obj):
 
             return fields
 
-        return flask.json.JSONEncoder.default(self, obj)
+        return json.JSONEncoder.default(self, obj)
 
 
 class Request(flask.Request):
diff --git a/lnt/server/ui/regression_views.py b/lnt/server/ui/regression_views.py
index fe66d5ec..238e9eb1 100644
--- a/lnt/server/ui/regression_views.py
+++ b/lnt/server/ui/regression_views.py
@@ -265,7 +265,7 @@ def name(cls):
     return cls.__class__.__name__
 
 
-class LNTEncoder(flask.json.JSONEncoder):
+class LNTEncoder(json.JSONEncoder):
     """Encode all the common LNT objects."""
     def default(self, obj):
         # Most of our objects have a __json__ defined.
@@ -276,7 +276,7 @@ def default(self, obj):
             return
         if name(obj) == "SampleField":
             return obj.name
-        return flask.json.JSONEncoder.default(self, obj)
+        return json.JSONEncoder.default(self, obj)
 
 
 @v4_route("/regressions/<int:id>", methods=["GET", "POST"])
diff --git a/requirements.client.txt b/requirements.client.txt
index 945c9b46..9c558e35 100644
--- a/requirements.client.txt
+++ b/requirements.client.txt
@@ -1 +1 @@
-.
\ No newline at end of file
+.
diff --git a/requirements.server.txt b/requirements.server.txt
index a5fa0271..543fba2b 100644
--- a/requirements.server.txt
+++ b/requirements.server.txt
@@ -1,19 +1,19 @@
 # These requirements are what you would install on a production server.
 .
 aniso8601==1.2.0
-click==6.7
-Flask-RESTful==0.3.4
-Flask-WTF==0.12
-Flask==0.12.2
+click==8.1.8
+Flask-RESTful==0.3.10
+Flask-WTF==1.2.0
+Flask==3.1.2
 gunicorn==19.9.0
 itsdangerous==0.24
-Jinja2==2.11.3
+Jinja2==3.1.6
 MarkupSafe==1.1.1
 progressbar2
 psycopg2==2.9.10
 python-gnupg==0.3.7
 pytz==2016.10
-pyyaml==5.1.2
+pyyaml==6.0
 SQLAlchemy==1.3.24
-Werkzeug==0.15.6
+Werkzeug==3.1.3
 WTForms==2.0.2