All Versions
51
Latest Version
Avg Release Cycle
170 days
Latest Release
-

Changelog History
Page 3

  • v1.0.4 Changes

    July 09, 2019

    ๐Ÿš€ Released 2019-07-04

    • The key information for BadRequestKeyError is no longer cleared outside debug mode, so error handlers can still access it. This requires upgrading to Werkzeug 0.15.5. :issue:3249
    • send_file url quotes the ":" and "/" characters for more compatible UTF-8 filename support in some browsers. :issue:3074
    • โœ… Fixes for :pep:451 import loaders and pytest 5.x. :issue:3275
    • Show message about dotenv on stderr instead of stdout. :issue:3285
  • v1.0.3 Changes

    July 09, 2019

    ๐Ÿš€ Released 2019-05-17

    • :func:send_file encodes filenames as ASCII instead of Latin-1 (ISO-8859-1). This fixes compatibility with Gunicorn, which is stricter about header encodings than PEP 3333. :issue:2766
    • Allow custom CLIs using FlaskGroup to set the debug flag without it always being overwritten based on environment variables. :pr:2765
    • flask --version outputs Werkzeug's version and simplifies the Python version. :pr:2825
    • :func:send_file handles an attachment_filename that is a native Python 2 string (bytes) with UTF-8 coded bytes. :issue:2933
    • A catch-all error handler registered for HTTPException will not handle RoutingException, which is used internally during routing. This fixes the unexpected behavior that had been introduced in 1.0. :pr:2986
    • โœ… Passing the json argument to app.test_client does not push/pop an extra app context. :issue:2900
  • v1.0.2 Changes

    May 02, 2018

    ๐Ÿš€ This release includes bug fixes and minor changes since 1.0.1. See the changelog for details.

    โฌ†๏ธ Install or Upgrade

    Install from PyPI with pip:

    pip install -U Flask
    
  • v1.0.1 Changes

    April 30, 2018

    ๐Ÿš€ Released 2018-04-29

    • Fix registering partials (with no __name__) as view functions. :pr:2730
    • Don't treat lists returned from view functions the same as tuples. Only tuples are interpreted as response data. :issue:2736
    • ๐Ÿ–จ Extra slashes between a blueprint's url_prefix and a route URL are merged. This fixes some backwards compatibility issues with the change in 1.0. :issue:2731, :issue:2742
    • Only trap BadRequestKeyError errors in debug mode, not all BadRequest errors. This allows abort(400) to continue working as expected. :issue:2735
    • The FLASK_SKIP_DOTENV environment variable can be set to 1 to skip automatically loading dotenv files. :issue:2722
  • v1.0 Changes

    April 26, 2018

    ๐Ÿš€ Released 2018-04-26

    • ๐Ÿ‘ Python 2.6 and 3.3 are no longer supported.
    • โœ… Bump minimum dependency versions to the latest stable versions: Werkzeug >= 0.14, Jinja >= 2.10, itsdangerous >= 0.24, Click >= 5.1. :issue:2586
    • Skip :meth:app.run <Flask.run> when a Flask application is run from the command line. This avoids some behavior that was confusing to debug.
    • ๐Ÿ–จ Change the default for :data:JSONIFY_PRETTYPRINT_REGULAR to False. :func:~json.jsonify returns a compact format by default, and an indented format in debug mode. :pr:2193
    • :meth:Flask.__init__ <Flask> accepts the host_matching argument and sets it on :attr:~Flask.url_map. :issue:1559
    • :meth:Flask.__init__ <Flask> accepts the static_host argument and passes it as the host argument when defining the static route. :issue:1559
    • ๐Ÿ‘ :func:send_file supports Unicode in attachment_filename. :pr:2223
    • Pass _scheme argument from :func:url_for to :meth:~Flask.handle_url_build_error. :pr:2017
    • :meth:~Flask.add_url_rule accepts the provide_automatic_options argument to disable adding the OPTIONS method. :pr:1489
    • :class:~views.MethodView subclasses inherit method handlers from base classes. :pr:1936
    • Errors caused while opening the session at the beginning of the request are handled by the app's error handlers. :pr:2254
    • ๐Ÿ–จ Blueprints gained :attr:~Blueprint.json_encoder and :attr:~Blueprint.json_decoder attributes to override the app's encoder and decoder. :pr:1898
    • :meth:Flask.make_response raises TypeError instead of ValueError for bad response types. The error messages have been improved to describe why the type is invalid. :pr:2256
    • Add routes CLI command to output routes registered on the application. :pr:2259
    • โš  Show warning when session cookie domain is a bare hostname or an IP address, as these may not behave properly in some browsers, such as Chrome. :pr:2282
    • Allow IP address as exact session cookie domain. :pr:2282
    • SESSION_COOKIE_DOMAIN is set if it is detected through SERVER_NAME. :pr:2282
    • Auto-detect zero-argument app factory called create_app or make_app from FLASK_APP. :pr:2297
    • Factory functions are not required to take a script_info parameter to work with the flask command. If they take a single parameter or a parameter named script_info, the :class:~cli.ScriptInfo object will be passed. :pr:2319
    • FLASK_APP can be set to an app factory, with arguments if needed, for example FLASK_APP=myproject.app:create_app('dev'). :pr:2326
    • ๐Ÿ“ฆ FLASK_APP can point to local packages that are not installed in editable mode, although pip install -e is still preferred. :pr:2414
    • The :class:~views.View class attribute :attr:~views.View.provide_automatic_options is set in :meth:~views.View.as_view, to be detected by :meth:~Flask.add_url_rule. :pr:2316
    • ๐Ÿ–จ Error handling will try handlers registered for blueprint, code, app, code, blueprint, exception, app, exception. :pr:2314
    • Cookie is added to the response's Vary header if the session is accessed at all during the request (and not deleted). :pr:2288
    • :meth:~Flask.test_request_context accepts subdomain and url_scheme arguments for use when building the base URL. :pr:1621
    • 0๏ธโƒฃ Set :data:APPLICATION_ROOT to '/' by default. This was already the implicit default when it was set to None.
    • :data:TRAP_BAD_REQUEST_ERRORS is enabled by default in debug mode. BadRequestKeyError has a message with the bad key in debug mode instead of the generic bad request message. :pr:2348
    • Allow registering new tags with :class:~json.tag.TaggedJSONSerializer to support storing other types in the session cookie. :pr:2352
    • Only open the session if the request has not been pushed onto the context stack yet. This allows :func:~stream_with_context generators to access the same session that the containing view uses. :pr:2354
    • โœ… Add json keyword argument for the test client request methods. This will dump the given object as JSON and set the appropriate content type. :pr:2358
    • Extract JSON handling to a mixin applied to both the :class:Request and :class:Response classes. This adds the :meth:~Response.is_json and :meth:~Response.get_json methods to the response to make testing JSON response much easier. :pr:2358
    • ๐Ÿšš Removed error handler caching because it caused unexpected results for some exception inheritance hierarchies. Register handlers explicitly for each exception if you want to avoid traversing the MRO. :pr:2362
    • Fix incorrect JSON encoding of aware, non-UTC datetimes. :pr:2374
    • Template auto reloading will honor debug mode even even if :attr:~Flask.jinja_env was already accessed. :pr:2373
    • ๐Ÿšš The following old deprecated code was removed. :issue:2385

      • flask.ext - import extensions directly by their name instead of through the flask.ext namespace. For example, import flask.ext.sqlalchemy becomes import flask_sqlalchemy.
      • Flask.init_jinja_globals - extend :meth:Flask.create_jinja_environment instead.
      • Flask.error_handlers - tracked by :attr:Flask.error_handler_spec, use :meth:Flask.errorhandler to register handlers.
      • Flask.request_globals_class - use :attr:Flask.app_ctx_globals_class instead.
      • Flask.static_path - use :attr:Flask.static_url_path instead.
      • Request.module - use :attr:Request.blueprint instead.
    • ๐Ÿ—„ The :attr:Request.json property is no longer deprecated. :issue:1421

    • โœ… Support passing a :class:~werkzeug.test.EnvironBuilder or dict to :meth:test_client.open <werkzeug.test.Client.open>. :pr:2412

    • The flask command and :meth:Flask.run will load environment variables from .env and .flaskenv files if python-dotenv is installed. :pr:2416

    • โœ… When passing a full URL to the test client, the scheme in the URL is used instead of :data:PREFERRED_URL_SCHEME. :pr:2430

    • :attr:Flask.logger has been simplified. LOGGER_NAME and LOGGER_HANDLER_POLICY config was removed. The logger is always named flask.app. The level is only set on first access, it doesn't check :attr:Flask.debug each time. Only one format is used, not different ones depending on :attr:Flask.debug. No handlers are removed, and a handler is only added if no handlers are already configured. :pr:2436

    • ๐Ÿ–จ Blueprint view function names may not contain dots. :pr:2450

    • Fix a ValueError caused by invalid Range requests in some cases. :issue:2526

    • 0๏ธโƒฃ The development server uses threads by default. :pr:2529

    • Loading config files with silent=True will ignore :data:~errno.ENOTDIR errors. :pr:2581

    • Pass --cert and --key options to flask run to run the development server over HTTPS. :pr:2606

    • Added :data:SESSION_COOKIE_SAMESITE to control the SameSite attribute on the session cookie. :pr:2607

    • Added :meth:~flask.Flask.test_cli_runner to create a Click runner that can invoke Flask CLI commands for testing. :pr:2636

    • 0๏ธโƒฃ Subdomain matching is disabled by default and setting :data:SERVER_NAME does not implicitly enable it. It can be enabled by passing subdomain_matching=True to the Flask constructor. :pr:2635

    • ๐Ÿ–จ A single trailing slash is stripped from the blueprint url_prefix when it is registered with the app. :pr:2629

    • ๐Ÿ“œ :meth:Request.get_json doesn't cache the result if parsing fails when silent is true. :issue:2651

    • :func:Request.get_json no longer accepts arbitrary encodings. Incoming JSON should be encoded using UTF-8 per :rfc:8259, but Flask will autodetect UTF-8, -16, or -32. :pr:2691

    • Added :data:MAX_COOKIE_SIZE and :attr:Response.max_cookie_size to control when Werkzeug warns about large cookies that browsers may ignore. :pr:2693

    • ๐Ÿ“š Updated documentation theme to make docs look better in small windows. :pr:2709

    • ๐Ÿ“„ Rewrote the tutorial docs and example project to take a more structured approach to help new users avoid common pitfalls. :pr:2676

  • v0.12.5 Changes

    February 10, 2020

    ๐Ÿš€ Released 2020-02-10

    • ๐Ÿ“Œ Pin Werkzeug to < 1.0.0. :issue:3497
  • v0.12.4 Changes

    April 30, 2018

    ๐Ÿš€ This is a repackage of 0.12.3 to fix an issue with how the package was built.

    โฌ†๏ธ Upgrade

    โฌ†๏ธ Upgrade from PyPI with pip. Use a version identifier if you want to stay at 0.12:

    pip install -U 'Flask~=0.12.4'
    
  • v0.12.3 Changes

    April 26, 2018

    ๐Ÿš€ This release includes an important security fix for JSON and a minor backport for CLI support in PyCharm. It is provided for projects that cannot update to Flask 1.0 immediately. See the 1.0 announcement and update to it instead if possible.

    ๐Ÿ”’ JSON Security Fix

    Flask previously decoded incoming JSON bytes using the content type of the request. Although JSON should only be encoded as UTF-8, Flask was more lenient. However, Python includes non-text related encodings that could result in unexpected memory use by a request.

    ๐Ÿ‘ Flask will now detect the encoding of incoming JSON data as one of the supported UTF encodings, and will not allow arbitrary encodings from the request.

    โฌ†๏ธ Upgrade

    โฌ†๏ธ Upgrade from PyPI with pip. Use a version identifier if you want to stay at 0.12:

    pip install -U 'Flask~=0.12.3'
    

    โฌ†๏ธ Or upgrade to 1.0:

    pip install -U Flask
    
  • v0.12.2 Changes

    ๐Ÿš€ Released 2017-05-16

    • ๐Ÿ Fix a bug in safe_join on Windows.
  • v0.12.1 Changes

    ๐Ÿš€ Released 2017-03-31

    • Prevent flask run from showing a NoAppException when an ImportError occurs within the imported application module.
    • Fix encoding behavior of app.config.from_pyfile for Python 3. :issue:2118
    • 0๏ธโƒฃ Use the SERVER_NAME config if it is present as default values for app.run. :issue:2109, :pr:2152
    • ๐Ÿ‘ป Call ctx.auto_pop with the exception object instead of None, in the event that a BaseException such as KeyboardInterrupt is raised in a request handler.