Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update flask-cors to 4.0.2 #588

Closed
wants to merge 1 commit into from

Conversation

pyup-bot
Copy link
Collaborator

This PR updates flask-cors from 3.0.7 to 4.0.2.

Changelog

4.0.1

Security
* Address [CVE-2024-1681](https://github.com/advisories/GHSA-84pr-m4jr-85g5) which is a log injection vulnerability when the log level is set to debug by aneshujevic in https://github.com/corydolphin/flask-cors/pull/351

4.0.0

* Remove support for Python versions older than 3.8 by WAKayser in https://github.com/corydolphin/flask-cors/pull/330
* Add GHA tooling by corydolphin in https://github.com/corydolphin/flask-cors/pull/331

3.1.01

* Include examples to specify that schema and port must be included in … by YPCrumble in https://github.com/corydolphin/flask-cors/pull/294
* two small changes to the documentation, based on issue 290 by bbbart in https://github.com/corydolphin/flask-cors/pull/291
* Fix typo by sunarch in https://github.com/corydolphin/flask-cors/pull/304
* FIX: typo in CSRF by sattamjh in https://github.com/corydolphin/flask-cors/pull/315
* Test against recent Python versions by pylipp in https://github.com/corydolphin/flask-cors/pull/314
* Correct spelling mistakes by EdwardBetts in https://github.com/corydolphin/flask-cors/pull/311
* 'Access-Control-Allow-Private-Network = true' header for http response by chelo-kjml in https://github.com/corydolphin/flask-cors/pull/318
* docs: Fix a few typos by timgates42 in https://github.com/corydolphin/flask-cors/pull/323
* [Docs] Fix typo in configuration documentation by sachit-shroff in https://github.com/corydolphin/flask-cors/pull/316

3.0.10

Adds support for PPC64 and ARM64 builds for distribution. Thanks sreekanth370

3.0.9

Security
- Escape path before evaluating resource rules (thanks to Colby Morgan). Prior to this, flask-cors incorrectly
evaluated CORS resource matching before path expansion. E.g. "/api/../foo.txt" would incorrectly match resources for
"/api/*" whereas the path actually expands simply to "/foo.txt"

3.0.8

Fixes : DeprecationWarning: Using or importing the ABCs from 'collections' in Python 3.7.
Thank you juanmaneo and jdevera for the contribution.
Links

@pyup-bot
Copy link
Collaborator Author

Closing this in favor of #589

@pyup-bot pyup-bot closed this Aug 31, 2024
@filipsPL filipsPL deleted the pyup-update-flask-cors-3.0.7-to-4.0.2 branch August 31, 2024 01:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant