Bump werkzeug from 0.15.3 to 3.0.2

[dependabot[bot]]

Bumps werkzeug from 0.15.3 to 3.0.2.

Release notes

Sourced from werkzeug's releases.

3.0.2

This is a fix release for the 3.0.x feature branch.

• Changes: https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-2

3.0.1

This is a security release for the 3.0.x feature branch.

• Changes: https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-1

3.0.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 3.0.x branch is now the supported fix branch, the 2.3.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

• Changes: https://werkzeug.palletsprojects.com/en/3.0.x/changes/#version-3-0-0
• Milestone: https://github.com/pallets/werkzeug/milestone/21?closed=1

2.3.8

This is a security release for the 2.3.x feature branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-8

2.3.7

This is a fix release for the 2.3.x feature branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-7
• Milestone: https://github.com/pallets/werkzeug/milestone/33?closed=1

2.3.6

This is a fix release for the 2.3.x feature branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-6
• Milestone: https://github.com/pallets/werkzeug/milestone/32?closed=1

2.3.5

This is a fix release for the 2.3.x feature branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-5
• Milestone: https://github.com/pallets/werkzeug/milestone/31?closed=1

2.3.4

This is a fix release for the 2.3.x release branch.

• Changes: https://werkzeug.palletsprojects.com/en/2.3.x/changes/#version-2-3-4
• Milestone: https://github.com/pallets/werkzeug/milestone/30?closed=1

2.3.3

This is a fix release for the 2.3.x release branch.

... (truncated)

Changelog

Sourced from werkzeug's changelog.

Version 3.0.2

Released 2024-04-01

• Ensure setting merge_slashes to False results in NotFound for repeated-slash requests against single slash routes. :issue:2834
• Fix handling of TypeError in TypeConversionDict.get() to match ValueErrors. :issue:2843
• Fix response_wrapper type check in test client. :issue:2831
• Make the return type of MultiPartParser.parse more precise. :issue:2840
• Raise an error if converter arguments cannot be parsed. :issue:2822

Version 3.0.1

Released 2023-10-24

• Fix slow multipart parsing for large parts potentially enabling DoS attacks. :cwe:CWE-407

Version 3.0.0

Released 2023-09-30

• Remove previously deprecated code. :pr:2768
• Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("werkzeug"), instead. :issue:2770
• generate_password_hash uses scrypt by default. :issue:2769
• Add the "werkzeug.profiler" item to the WSGI environ dictionary passed to ProfilerMiddleware's filename_format function. It contains the elapsed and time values for the profiled request. :issue:2775
• Explicitly marked the PathConverter as non path isolating. :pr:2784

Version 2.3.8

Released 2023-11-08

• Fix slow multipart parsing for large parts potentially enabling DoS attacks. :cwe:CWE-407

Version 2.3.7

... (truncated)

Commits

• d70dcea Release version 3.0.2
• ad703fd Bump the slsa-github-generator action version
• 5741398 Raise an error if the converter arguments cannot be parsed
• 0b47237 Fix issue with repeated-slash requests redirecting
• f516c40 Handle TypeError in TypeConversionDict
• 4c09d1b Add missing CHANGES entry for #2832
• 7ab3823 Fix: Use issubclass instead of isinstance
• 4e5bdca Make the exception tests more robust
• 70ad4d6 Use more precise type for formparser.MultiPartParser.parse return
• 6eafc0e Merge branch '2.3.x' into 3.0.x
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)