Bump werkzeug from 0.15.6 to 1.0.1

[dependabot]

Bumps werkzeug from 0.15.6 to 1.0.1.

Release notes

Sourced from werkzeug's releases.

1.0.1

• Changelog: https://werkzeug.palletsprojects.com/en/1.0.x/changes/#version-1-0-1

1.0.0

After 13 years of development, we're finally 1.0!

Note that previously deprecated code has been removed in this release. Use 0.16.1 as an intermediate step to see deprecation warnings and upgrade.

• Blog: https://palletsprojects.com/blog/werkzeug-1-0-0-released
• Changelog: https://werkzeug.palletsprojects.com/en/1.0.x/changes/#version-1-0-0
• Twitter: https://twitter.com/PalletsTeam/status/1225561504004689920

1.0.0 Release Candidate 1

• Changes: https://werkzeug.palletsprojects.com/en/master/changes/#version-1-0-0

Use the --pre flag to install this pre-release:

pip install --pre Werkzeug==1.0.0rc1

0.16.1

• Changelog: https://werkzeug.palletsprojects.com/en/0.16.x/changes/#version-0-16-1

0.16.0

Most of the top-level attributes in the werkzeug module are now deprecated, and will be removed in 1.0.0.

For example, instead of import werkzeug; werkzeug.url_quote, do from werkzeug.urls import url_quote. A deprecation warning will show the correct import to use. werkzeug.exceptions and werkzeug.routing should also be imported instead of accessed, but for technical reasons can’t show a warning.

• Blog: https://palletsprojects.com/blog/werkzeug-0-16-0-released
• Changelog: https://werkzeug.palletsprojects.com/en/0.16.x/changes/#version-0-16-0

Changelog

Sourced from werkzeug's changelog.

Version 1.0.1

Released 2020-03-31

• Make the argument to RequestRedirect.get_response optional. :issue:1718
• Only allow a single access control allow origin value. :pr:1723
• Fix crash when trying to parse a non-existent Content Security Policy header. :pr:1731
• http_date zero fills years < 1000 to always output four digits. :issue:1739
• Fix missing local variables in interactive debugger console. :issue:1746
• Fix passing file-like objects like io.BytesIO to FileStorage.save. :issue:1733

Version 1.0.0

Released 2020-02-06

• Drop support for Python 3.4. (:issue:1478)
• Remove code that issued deprecation warnings in version 0.15. (:issue:1477)
• Remove most top-level attributes provided by the werkzeug module in favor of direct imports. For example, instead of import werkzeug; werkzeug.url_quote, do from werkzeug.urls import url_quote. Install version 0.16 first to see deprecation warnings while upgrading. :issue:2, :pr:1640
• Added utils.invalidate_cached_property() to invalidate cached properties. (:pr:1474)
• Directive keys for the Set-Cookie response header are not ignored when parsing the Cookie request header. This allows cookies with names such as "expires" and "version". (:issue:1495)
• Request cookies are parsed into a MultiDict to capture all values for cookies with the same key. cookies[key] returns the first value rather than the last. Use cookies.getlist(key) to get all values. parse_cookie also defaults to a MultiDict. :issue:1562, :pr:1458
• Add charset=utf-8 to an HTTP exception response's CONTENT_TYPE header. (:pr:1526)
• The interactive debugger handles outer variables in nested scopes such as lambdas and comprehensions. :issue:913, :issue:1037, :pr:1532
• The user agent for Opera 60 on Mac is correctly reported as "opera" instead of "chrome". :issue:1556
• The platform for Crosswalk on Android is correctly reported as "android" instead of "chromeos". (:pr:1572)

... (truncated)

Commits

• 1dde4b1 release version 1.0.1
• 1527e05 Merge pull request #1743 from Dreamsorcerer/patch-1
• a9ba22a Add missing documentation about None return type.
• 244b486 Merge pull request #1734 from alexa-infra/fix-filestorage-save-bytes-io
• c341a0a fix os.fspath call on file-like objects
• 32f3b07 Merge pull request #1741 from mbertoldi/1.0.x
• c761ff8 fix locals in InteractiveConsole
• 6ff5cd1 Merge pull request #1740 from nicolary/hf-zfill_4_year_dump_date
• b70df18 zfill year < 1000
• 8568bed Merge pull request #1736 from magula/1.0.x
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)