Skip to content

Commit

Permalink
chore(deps): bump werkzeug from 3.0.3 to 3.0.4 (#68)
Browse files Browse the repository at this point in the history
Bumps [werkzeug](https://github.com/pallets/werkzeug) from 3.0.3 to
3.0.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/werkzeug/releases">werkzeug's
releases</a>.</em></p>
<blockquote>
<h2>3.0.4</h2>
<p>This is the Werkzeug 3.0.4 fix release, which fixes bugs but does not
otherwise change behavior and should not result in breaking changes.</p>
<p>PyPI: <a
href="https://pypi.org/project/Werkzeug/3.0.4/">https://pypi.org/project/Werkzeug/3.0.4/</a>
Changes: <a
href="https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4">https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-4</a>
Milestone: <a
href="https://github.com/pallets/werkzeug/milestone/36?closed=1">https://github.com/pallets/werkzeug/milestone/36?closed=1</a></p>
<ul>
<li>Restore behavior where parsing
<code>multipart/x-www-form-urlencoded</code> data with
invalid UTF-8 bytes in the body results in no form data parsed rather
than a
413 error. <a
href="https://redirect.github.com/pallets/werkzeug/issues/2930">#2930</a></li>
<li>Improve <code>parse_options_header</code> performance when parsing
unterminated
quoted string values. <a
href="https://redirect.github.com/pallets/werkzeug/issues/2904">#2904</a></li>
<li>Debugger pin auth is synchronized across threads/processes when
tracking
failed entries. <a
href="https://redirect.github.com/pallets/werkzeug/issues/2916">#2916</a></li>
<li>Dev server handles unexpected <code>SSLEOFError</code> due to issue
in Python &lt; 3.13.
<a
href="https://redirect.github.com/pallets/werkzeug/issues/2926">#2926</a></li>
<li>Debugger pin auth works when the URL already contains a query
string.
<a
href="https://redirect.github.com/pallets/werkzeug/issues/2918">#2918</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/werkzeug/blob/main/CHANGES.rst">werkzeug's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.0.4</h2>
<p>Released 2024-08-21</p>
<ul>
<li>Restore behavior where parsing
<code>multipart/x-www-form-urlencoded</code> data with
invalid UTF-8 bytes in the body results in no form data parsed rather
than a
413 error. :issue:<code>2930</code></li>
<li>Improve <code>parse_options_header</code> performance when parsing
unterminated
quoted string values. :issue:<code>2904</code></li>
<li>Debugger pin auth is synchronized across threads/processes when
tracking
failed entries. :issue:<code>2916</code></li>
<li>Dev server handles unexpected <code>SSLEOFError</code> due to issue
in Python &lt; 3.13.
:issue:<code>2926</code></li>
<li>Debugger pin auth works when the URL already contains a query
string.
:issue:<code>2918</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/werkzeug/commit/b933ccb1f5eaf378d15ae88488bf993600fdca43"><code>b933ccb</code></a>
release version 3.0.4</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/c09de7301c7c5455772a7cd0a4ca4323a90c8186"><code>c09de73</code></a>
debugger works on urls with query string (<a
href="https://redirect.github.com/pallets/werkzeug/issues/2942">#2942</a>)</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/1d1d987f6399031d33656d366b7bfa9a3960441b"><code>1d1d987</code></a>
debugger works on urls with query string</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/32a77a032a25a7e0c0bbbd1ce2d297268170469f"><code>32a77a0</code></a>
treat SSLEOFError as dropped connection (<a
href="https://redirect.github.com/pallets/werkzeug/issues/2941">#2941</a>)</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/cf18d037faeacfb458e645fa2dbaf25b5bbf1080"><code>cf18d03</code></a>
treat SSLEOFError as dropped connection</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/a1db1209822c5572c177244678e6788add64bf3d"><code>a1db120</code></a>
synchronize failed pin entry (<a
href="https://redirect.github.com/pallets/werkzeug/issues/2940">#2940</a>)</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/650481972fbab9e9d8f0b1af23c4fb6a88b4e8c0"><code>6504819</code></a>
synchronize failed pin entry</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/7abec4b50efdfdf791cebf0019a0fb901f46680e"><code>7abec4b</code></a>
improve parse_options_header performance (<a
href="https://redirect.github.com/pallets/werkzeug/issues/2939">#2939</a>)</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/3a893d27b1a1b7da7a8ec52c297ba163371ddf71"><code>3a893d2</code></a>
improve parse_options_header performance</li>
<li><a
href="https://github.com/pallets/werkzeug/commit/3a52597930846900356ee59b06a349420ca12c9b"><code>3a52597</code></a>
restore invalid bytes behavior for form parser (<a
href="https://redirect.github.com/pallets/werkzeug/issues/2938">#2938</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/werkzeug/compare/3.0.3...3.0.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=werkzeug&package-manager=pip&previous-version=3.0.3&new-version=3.0.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit


- **Novas Funcionalidades**
- Atualização da dependência Werkzeug para a versão 3.0.4, que pode
incluir correções de bugs e melhorias de desempenho.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
  • Loading branch information
nataliagranato authored Sep 10, 2024
2 parents c92fa88 + 10c6b3e commit a62e839
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion chainguard/requirements.txt
100755 → 100644
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Flask==3.0.3
redis==5.1.0b7
prometheus-client==0.16.0
Werkzeug==3.0.3
Werkzeug==3.0.4
2 changes: 1 addition & 1 deletion src/requirements.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Flask==3.0.3
redis==5.1.0b7
prometheus-client==0.16.0
Werkzeug==3.0.3
Werkzeug==3.0.4

0 comments on commit a62e839

Please sign in to comment.