summaryrefslogtreecommitdiffstats
path: root/meta-python/recipes-devtools/python/python3-werkzeug_2.2.2.bb
Commit message (Collapse)AuthorAgeFilesLines
* python3-werkzeug: upgrade 2.2.2 -> 2.2.3Wang Mingyu2023-02-271-40/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: ========== - Ensure that URL rules using path converters will redirect with strict slashes when the trailing slash is missing. #2533 - Type signature for get_json specifies that return type is not optional when silent=False. #2508 - parse_content_range_header returns None for a value like bytes */-1 where the length is invalid, instead of raising an AssertionError. #2531 - Address remaining ResourceWarning related to the socket used by run_simple. Remove prepare_socket, which now happens when creating the server. #2421 - Update pre-existing headers for multipart/form-data requests with the test client. #2549 - Fix handling of header extended parameters such that they are no longer quoted. #2529 - LimitedStream.read works correctly when wrapping a stream that may not return the requested size in one read call. #2558 - A cookie header that starts with = is treated as an empty key and discarded, rather than stripping the leading ==. - Specify a maximum number of multipart parts, default 1000, after which a RequestEntityTooLarge exception is raised on parsing. This mitigates a DoS attack where a larger number of form/file parts would result in disproportionate resource use. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
* python3-werkzeug: upgrade 2.2.1 -> 2.2.2Wang Mingyu2022-08-161-0/+40
Changelog: ========== - Fix router to restore the 2.1 strict_slashes == False behaviour whereby leaf-requests match branch rules and vice versa. - Fix router to identify invalid rules rather than hang parsing them, and to correctly parse / within converter arguments. - Update subpackage imports in werkzeug.routing to use the import as syntax for explicitly re-exporting public attributes. - Parsing of some invalid header characters is more robust. - When starting the development server, a warning not to use it in a production deployment is always shown. - LocalProxy.__wrapped__ is always set to the wrapped object when the proxy is unbound, fixing an issue in doctest that would cause it to fail. - Address one ResourceWarning related to the socket used by run_simple. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>