py3-werkzeug/3.0.4 package update

[octo-sts]

[github-actions]

Package py3-werkzeug: Click to expand/collapse

Package py3-werkzeug:

.PKGINFO metadata:

  (
  	"""
- 	# Generated by melange v0.16.6-18-gf2fd84a
+ 	# Generated by melange
  	pkgname = py3-werkzeug
- 	pkgver = 3.0.3-r0
+ 	pkgver = 3.0.4-r0
  	arch = x86_64
- 	size = 868114
+ 	size = 869938
  	origin = py3-werkzeug
  	pkgdesc = The comprehensive WSGI web application library.
  	url = 
- 	commit = e6eb9e7950846cb02d2dd8bf4d18bc97f34c147a
- 	builddate = 1714969651
+ 	commit = 6324c725770909f1c5e6b3cfbc158c1449935acc
  	license = BSD-3-Clause
  	depend = py3-markupsafe
  	depend = python-3
- 	datahash = 6d2079e23357427586b98f4c4ed927923003e36411b657838581861a39c56787
+ 	datahash = 57579e457bf35d4cf684425068d47eaa93d33ad52fe61926d5cc48b088b191fe
  	"""
  )

Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/LICENSE.txt
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/METADATA
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/RECORD
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/WHEEL
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/init.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/shared/debugger.js
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/tbtools.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/formparser.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/http.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/routing/rules.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/serving.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/wrappers/request.py
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/LICENSE.txt
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/METADATA
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/RECORD
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/WHEEL

bincapz found differences: Click to expand/collapse

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/23269a7f816365aee4382e0901c9

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/d3bf620eba76c53c86cfa367aedc

[octo-sts]

Open AI suggestions to solve the build error:

The error message is: "fatal: detected dubious ownership in repository at '/github/home'\nTo add an exception for this directory, call:\n\ngit config --global --add safe.directory /github/home"

To fix this error:
1. Open your terminal.
2. Run the command: `git config --global --add safe.directory /github/home`
3. Verify the configuration by running: `git config --global --get-all safe.directory`

[github-actions]

Package py3-werkzeug: Click to expand/collapse

Package py3-werkzeug:

.PKGINFO metadata:

  (
  	"""
- 	# Generated by melange v0.16.6-18-gf2fd84a
+ 	# Generated by melange
  	pkgname = py3-werkzeug
- 	pkgver = 3.0.3-r0
+ 	pkgver = 3.0.4-r0
  	arch = x86_64
- 	size = 868114
+ 	size = 869938
  	origin = py3-werkzeug
  	pkgdesc = The comprehensive WSGI web application library.
  	url = 
- 	commit = e6eb9e7950846cb02d2dd8bf4d18bc97f34c147a
- 	builddate = 1714969651
+ 	commit = 6324c725770909f1c5e6b3cfbc158c1449935acc
  	license = BSD-3-Clause
  	depend = py3-markupsafe
  	depend = python-3
- 	datahash = 6d2079e23357427586b98f4c4ed927923003e36411b657838581861a39c56787
+ 	datahash = 57579e457bf35d4cf684425068d47eaa93d33ad52fe61926d5cc48b088b191fe
  	"""
  )

Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/LICENSE.txt
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/METADATA
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/RECORD
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/WHEEL
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/init.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/shared/debugger.js
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/tbtools.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/formparser.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/http.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/routing/rules.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/serving.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/wrappers/request.py
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/LICENSE.txt
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/METADATA
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/RECORD
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/WHEEL

bincapz found differences: Click to expand/collapse

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/23269a7f816365aee4382e0901c9

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/d3bf620eba76c53c86cfa367aedc

[octo-sts]

Open AI suggestions to solve the build error:

The error message is: "fatal: detected dubious ownership in repository at '/github/home'\nTo add an exception for this directory, call:\n\ngit config --global --add safe.directory /github/home"

To fix this error, follow these steps:
1. Open your terminal.
2. Run: `git config --global --add safe.directory /github/home`
3. Verify by running: `git config --global --get-all safe.directory`

[github-actions]

Package py3-werkzeug: Click to expand/collapse

Package py3-werkzeug:

.PKGINFO metadata:

  (
  	"""
- 	# Generated by melange v0.16.6-18-gf2fd84a
+ 	# Generated by melange
  	pkgname = py3-werkzeug
- 	pkgver = 3.0.3-r0
+ 	pkgver = 3.0.4-r0
  	arch = x86_64
- 	size = 868114
+ 	size = 869938
  	origin = py3-werkzeug
  	pkgdesc = The comprehensive WSGI web application library.
  	url = 
- 	commit = e6eb9e7950846cb02d2dd8bf4d18bc97f34c147a
- 	builddate = 1714969651
+ 	commit = 6324c725770909f1c5e6b3cfbc158c1449935acc
  	license = BSD-3-Clause
  	depend = py3-markupsafe
  	depend = python-3
- 	datahash = 6d2079e23357427586b98f4c4ed927923003e36411b657838581861a39c56787
+ 	datahash = 57579e457bf35d4cf684425068d47eaa93d33ad52fe61926d5cc48b088b191fe
  	"""
  )

Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/LICENSE.txt
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/METADATA
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/RECORD
Added: /usr/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/WHEEL
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/init.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/shared/debugger.js
Modified: /usr/lib/python3.12/site-packages/werkzeug/debug/tbtools.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/formparser.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/http.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/routing/rules.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/serving.py
Modified: /usr/lib/python3.12/site-packages/werkzeug/wrappers/request.py
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/LICENSE.txt
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/METADATA
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/RECORD
Deleted: /usr/lib/python3.12/site-packages/werkzeug-3.0.3.dist-info/WHEEL

bincapz found differences: Click to expand/collapse

Deleted: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.3-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/23269a7f816365aee4382e0901c9

Added: py3-werkzeug/var/lib/db/sbom/py3-werkzeug-3.0.4-r0.spdx.json [⚠️ MEDIUM]

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/d3bf620eba76c53c86cfa367aedc

[octo-sts]

Open AI suggestions to solve the build error:

The error message is: "fatal: detected dubious ownership in repository at '/github/home'
To add an exception for this directory, call:

git config --global --add safe.directory /github/home"

To fix this error, follow these steps:
1. Open your terminal.
2. Run: `git config --global --add safe.directory /github/home`
3. Verify with: `git config --global --get-all safe.directory`

[philroche]

Changes summay:
Total files changed: 21

Total changes: 353
Total additions: 206
Total deletions: 147

Total commits: 22

• release version 3.0.3 ([Wolfi Package Request]: LibreOffice #2896)

  David Lord (davidism@gmail.com) @ 2024-05-05T23:11:05Z

• test with python 3.13

  David Lord (davidism@gmail.com) @ 2024-05-11T17:02:40Z

• test with python 3.13 (Bump k8s deps in the aws-* packages to remove GHSAs. #2900)

  David Lord (davidism@gmail.com) @ 2024-05-11T17:15:11Z

• split tox update envs

  David Lord (davidism@gmail.com) @ 2024-05-18T15:28:43Z

• update dev dependencies

  David Lord (davidism@gmail.com) @ 2024-05-18T15:43:13Z

• Test with cffi 1.17.0rc1 (llvm-libunwind/16.0.6 package update #2910)

  Edgar Ramírez Mondragón (16805946+edgarrmondragon@users.noreply.github.com) @ 2024-05-24T21:41:43Z

• Improve types for AST handling (vim/9.0.1640 package update #2905)

  Jelle Zijlstra (jelle.zijlstra@gmail.com) @ 2024-08-20T16:14:13Z

• pass args through tox to pip-compile

  David Lord (davidism@gmail.com) @ 2024-08-20T16:20:50Z

• update mypy

  David Lord (davidism@gmail.com) @ 2024-08-20T16:21:14Z

• update mypy (newrelic-fluent-bit-output/1.17.2 package update #2936)

  David Lord (davidism@gmail.com) @ 2024-08-20T16:24:39Z

• start version 3.0.4

  David Lord (davidism@gmail.com) @ 2024-08-20T16:26:10Z

• restore invalid bytes behavior for form parser

  David Lord (davidism@gmail.com) @ 2024-08-20T17:58:30Z

• restore invalid bytes behavior for form parser (remove meson dependency on strip #2938)

  David Lord (davidism@gmail.com) @ 2024-08-20T18:03:30Z

• improve parse_options_header performance

  David Lord (davidism@gmail.com) @ 2024-08-21T04:30:45Z

• improve parse_options_header performance (tigera-operator/1.30.4 package update #2939)

  David Lord (davidism@gmail.com) @ 2024-08-21T04:41:57Z

• synchronize failed pin entry

  David Lord (davidism@gmail.com) @ 2024-08-21T14:16:19Z

• synchronize failed pin entry (hugo/0.114.0 package update #2940)

  David Lord (davidism@gmail.com) @ 2024-08-21T14:29:24Z

• treat SSLEOFError as dropped connection

  David Lord (davidism@gmail.com) @ 2024-08-21T16:02:30Z

• treat SSLEOFError as dropped connection (hugo-extended/0.114.0 package update #2941)

  David Lord (davidism@gmail.com) @ 2024-08-21T16:59:03Z

• debugger works on urls with query string

  David Lord (davidism@gmail.com) @ 2024-08-21T19:23:52Z

• debugger works on urls with query string (aws-efs-csi-driver/1.5.7 package update #2942)

  David Lord (davidism@gmail.com) @ 2024-08-21T19:30:22Z

• release version 3.0.4

  David Lord (davidism@gmail.com) @ 2024-08-21T19:35:55Z

GitHub compare URL: pallets/werkzeug@f9995e9...b933ccb

[philroche]

This is a patch version bump with mainly dependency version bumps included.

All checks pass apart from CVE check but these CVE check failures will be picked up with automated CVE remediation.