Initial Update

[pyup-bot]

This is my first visit to this fine repo so I have bundled all updates in a single pull request to make things easier for you to merge.

Close this pull request and delete the branch if you want me to start with single pull requests right away

Here's the executive summary:

Updates

Here's a list of all the updates bundled in this pull request. I've added some links to make it easier for you to find all the information you need.

Jinja2	2.8	»	2.9.5	PyPI | Changelog | Homepage
sqlalchemy	1.0.14	»	1.1.5	PyPI | Homepage
Flask-SQLAlchemy	2.1	»	2.2	PyPI | Changelog | Repo | Docs
Werkzeug	0.11.13	»	0.11.15	PyPI | Changelog | Homepage
Flask-Migrate	2.0.2	»	2.0.3	PyPI | Changelog | Repo | Docs
raven	5.32.0	»	6.0.0	PyPI | Changelog | Repo
Flask-DebugToolbar	0.10.0	»	0.10.1	PyPI | Changelog | Docs
cloudinary	1.5.0	»	1.6.1	PyPI | Changelog | Homepage
flask-socketio	2.8.2	»	2.8.4	PyPI | Repo | Docs
coverage	4.3.1	»	4.3.4	PyPI | Changelog | Docs
Faker	0.7.7	»	0.7.9	PyPI | Changelog | Repo

Changelogs

Jinja2 2.8 -> 2.9.5

2.9.5

---

(bugfix release, released on January 28th 2017)

• Restored the original repr of the internal _GroupTuple because this
  caused issues with ansible and it was an unintended change. (654)
• Added back support for custom contexts that override the old resolve
  method since it was hard for people to spot that this could cause a
  regression.
• Correctly use the buffer for the else block of for loops. This caused
  invalid syntax errors to be caused on 2.x and completely wrong behavior
  on Python 3 (669)
• Resolve an issue where the {% extends %} tag could not be used with
  async environments. (668)
• Reduce memory footprint slightly by reducing our unicode database dump
  we use for identifier matching on Python 3 (666)
• Fixed autoescaping not working for macros in async compilation mode. (671)

2.9.4

---

(bugfix release, released on January 10th 2017)

• Solved some warnings for string literals. (646)
• Increment the bytecode cache version which was not done due to an
  oversight before.
• Corrected bad code generation and scoping for filtered loops. (649)
• Resolved an issue where top-level output silencing after known extend
  blocks could generate invalid code when blocks where contained in if
  statements. (651)
• Made the truncate.leeway default configurable to improve compatibility
  with older templates.

2.9.3

---

(bugfix release, released on January 8th 2017)

• Restored the use of blocks in macros to the extend that was possible
  before. On Python 3 it would render a generator repr instead of
  the block contents. (645)
• Set a consistent behavior for assigning of variables in inner scopes
  when the variable is also read from an outer scope. This now sets the
  intended behavior in all situations however it does not restore the
  old behavior where limited assignments to outer scopes was possible.
  For more information and a discussion see 641
• Resolved an issue where block scoped would not take advantage of the
  new scoping rules. In some more exotic cases a variable overriden in a
  local scope would not make it into a block.
• Change the code generation of the with statement to be in line with the
  new scoping rules. This resolves some unlikely bugs in edge cases. This
  also introduces a new internal With node that can be used by extensions.

2.9.2

---

(bugfix release, released on January 8th 2017)

• Fixed a regression that caused for loops to not be able to use the same
  variable for the target as well as source iterator. (640)
• Add support for a previously unknown behavior of macros. It used to be
  possible in some circumstances to explicitly provide a caller argument
  to macros. While badly buggy and unintended it turns out that this is a
  common case that gets copy pasted around. To not completely break backwards
  compatibility with the most common cases it's now possible to provide an
  explicit keyword argument for caller if it's given an explicit default.
  (642)

2.9.1

---

(bugfix release, released on January 7th 2017)

• Resolved a regression with call block scoping for macros. Nested caller
  blocks that used the same identifiers as outer macros could refer to the
  wrong variable incorrectly.

2.9

---

(codename Derivation, released on January 7th 2017)

• Change cache key definition in environment. This fixes a performance
  regression introduced in 2.8.
• Added support for generator_stop on supported Python versions
  (Python 3.5 and later)
• Corrected a long standing issue with operator precedence of math operations
  not being what was expected.
• Added support for Python 3.6 async iterators through a new async mode.
• Added policies for filter defaults and similar things.
• urlize now sets "rel noopener" by default.
• Support attribute fallback for old-style classes in 2.x.
• Support toplevel set statements in extend situations.
• Restored behavior of Cycler for Python 3 users.
• Subtraction now follows the same behavior as other operators on undefined
  values.
• map and friends will now give better error messages if you forgot to
  quote the parameter.
• Depend on MarkupSafe 0.23 or higher.
• Improved the truncate filter to support better truncation in case
  the string is barely truncated at all.
• Change the logic for macro autoescaping to be based on the runtime
  autoescaping information at call time instead of macro define time.
• Ported a modified version of the tojson filter from Flask to Jinja2
  and hooked it up with the new policy framework.
• Block sets are now marked safe by default.
• On Python 2 the asciification of ASCII strings can now be disabled with
  the compiler.ascii_str policy.
• Tests now no longer accept an arbitrary expression as first argument but
  a restricted one. This means that you can now properly use multiple
  tests in one expression without extra parentheses. In particular you can
  now write foo is divisibleby 2 or foo is divisibleby 3
  as you would expect.
• Greatly changed the scoping system to be more consistent with what template
  designers and developers expect. There is now no more magic difference
  between the different include and import constructs. Context is now always
  propagated the same way. The only remaining differences is the defaults
  for with context and without context.
• The with and autoescape tags are now built-in.
• Added the new select_autoescape function which helps configuring better
  autoescaping easier.

2.8.2

---

(bugfix release, unreleased)

• Fixed a runtime error in the sandbox when attributes of async generators
  were accessed.

2.8.1

---

(bugfix release, released on December 29th 2016)

• Fixed the for_qs flag for urlencode.
• Fixed regression when applying int to non-string values.
• SECURITY: if the sandbox mode is used format expressions are now sandboxed
  with the same rules as in Jinja. This solves various information leakage
  problems that can occur with format strings.

Flask-SQLAlchemy 2.1 -> 2.2

2.2

---

Released on February 27, 2017, codename Dubnium

• Minimum SQLAlchemy version is 0.8 due to use of sqlalchemy.inspect.
• Added support for custom query_class and model_class as args
  to the SQLAlchemy constructor. (328_)
• Allow listening to SQLAlchemy events on db.session. (364_)
• Allow __bind_key__ on abstract models. (373_)
• Allow SQLALCHEMY_ECHO to be a string. (409_)
• Warn when SQLALCHEMY_DATABASE_URI is not set. (443_)
• Don't let pagination generate invalid page numbers. (460_)
• Drop support of Flask < 0.10. This means the db session is always tied to
  the app context and its teardown event. (461_)
• Tablename generation logic no longer accesses class properties unless they
  are declared_attr. (467_)

.. _328: pallets-eco/flask-sqlalchemy#328
.. _364: pallets-eco/flask-sqlalchemy#364
.. _373: pallets-eco/flask-sqlalchemy#373
.. _409: pallets-eco/flask-sqlalchemy#409
.. _443: pallets-eco/flask-sqlalchemy#443
.. _460: pallets-eco/flask-sqlalchemy#460
.. _461: pallets-eco/flask-sqlalchemy#461
.. _467: pallets-eco/flask-sqlalchemy#467

Werkzeug 0.11.13 -> 0.11.15

0.11.14

---

Released on December 30th 2016.

• Check if platform can fork before importing ForkingMixIn, raise exception
  when creating ForkingWSGIServer on such a platform, see PR 999.

Flask-Migrate 2.0.2 -> 2.0.3

2.0.3

• Support multiple -x arguments in the Flask-Script interface (103)

raven 5.32.0 -> 6.0.0

6.0.0

---

• Strip whitespace from DSNs automatically.
• Add last_event_id accessor to Client.
• Do not require sys.argv to be available any more.
• Tags defined on a logging handler will now be merged with individual log record's tags.
• Added explicit support for multidicts in the django client.
• Refactored transports to support multiple URLs. This might affect
  you if you have custom subclasses of those. The main change is that
  the URL parameter moved from the constructor into the send method.
• Corrected an issue with recursive route resolvers which commonly
  affected things like django-tastyepie.
• Corrected an issue where Django's HTTP request was not always available
  within events.

Flask-DebugToolbar 0.10.0 -> 0.10.1

0.10.1

---

Enhancements:

• Add support for Python wheels

Fixes:

• Switch imports from deprecated flask.ext.* to flask_* syntax (94, thanks
  Michael Lenzen & 97 thanks Iuri de Silvio)

cloudinary 1.5.0 -> 1.6.1

1.6.1

==================

• Add support for URL token.
• Rename auth_token.
• Support nested values in CLOUDINARY_URL.
• Refactor imports

1.6.0

==================

• Add Search by context API

coverage 4.3.1 -> 4.3.4

4.3.4

---

• Fixing 2.6 in version 4.3.3 broke other things, because the too-tricky
  exception wasn't properly derived from Exception, described in issue 556_.
  A newb mistake; it hasn't been a good few days.

.. _issue 556: https://bitbucket.org/ned/coveragepy/issues/556/43-fails-if-there-are-html-files-in-the

.. _changes_433:

4.3.3

---

• Python 2.6 support was broken due to a testing exception imported for the
  benefit of the coverage.py test suite. Properly conditionalizing it fixed
  issue 554_ so that Python 2.6 works again.

.. _issue 554: https://bitbucket.org/ned/coveragepy/issues/554/traceback-on-python-26-starting-with-432

.. _changes_432:

4.3.2

---

• Using the --skip-covered option on an HTML report with 100% coverage
  would cause a "No data to report" error, as reported in issue 549_. This is
  now fixed; thanks, Loïc Dachary.

• If-statements can be optimized away during compilation, for example, if 0:
  or if __debug__:. Coverage.py had problems properly understanding these
  statements which existed in the source, but not in the compiled bytecode.
  This problem, reported in issue 522_, is now fixed.

• If you specified --source as a directory, then coverage.py would look for
  importable Python files in that directory, and could identify ones that had
  never been executed at all. But if you specified it as a package name, that
  detection wasn't performed. Now it is, closing issue 426_. Thanks to Loïc
  Dachary for the fix.

• If you started and stopped coverage measurement thousands of times in your
  process, you could crash Python with a "Fatal Python error: deallocating
  None" error. This is now fixed. Thanks to Alex Groce for the bug report.

• On PyPy, measuring coverage in subprocesses could produce a warning: "Trace
  function changed, measurement is likely wrong: None". This was spurious, and
  has been suppressed.

• Previously, coverage.py couldn't start on Jython, due to that implementation
  missing the multiprocessing module (issue 551). This problem has now been
  fixed. Also, issue 322 about not being able to invoke coverage
  conveniently, seems much better: jython -m coverage run myprog.py works
  properly.

• Let's say you ran the HTML report over and over again in the same output
  directory, with --skip-covered. And imagine due to your heroic
  test-writing efforts, a file just acheived the goal of 100% coverage. With
  coverage.py 4.3, the old HTML file with the less-than-100% coverage would be
  left behind. This file is now properly deleted.

.. _issue 322: https://bitbucket.org/ned/coveragepy/issues/322/cannot-use-coverage-with-jython
.. issue 426: https://bitbucket.org/ned/coveragepy/issues/426/difference-between-coverage-results-with
.. issue 522: https://bitbucket.org/ned/coveragepy/issues/522/incorrect-branch-reporting-with-__debug
.. _issue 549: https://bitbucket.org/ned/coveragepy/issues/549/skip-covered-with-100-coverage-throws-a-no
.. _issue 551: https://bitbucket.org/ned/coveragepy/issues/551/coveragepy-cannot-be-imported-in-jython27

.. _changes_431:

Faker 0.7.7 -> 0.7.9

0.7.9

---

• Fix packaging isssue. Thanks jorti.

0.7.8

---

• Add a Russian language to color provider. Thanks kotyara1005.
• Correct UnboundLocalError in Finnish SSN generator. Thanks lamby.
• Create internet IT provider. Thanks GlassGruber.
• Add fix_len parameter to 'random_number'. Thanks vlad-ki.
• Support zh_CN lorem. Thanks yihuang.
• Customize chinese word connector. Thanks yihuang.
• Add more company data to fa_IR. Thanks aminalaee.
• Python 3.6 support. Thanks stephane.
• Add hu_HU providers. Thanks chrisvoncsefalvay.
• Fix tests failures.

Once you have closed this pull request, I'll create seperate pull requests for every update as soon as I find them.

That's it for now!

Happy merging! 🤖

[codecov-io]

Codecov Report

Merging #421 into master will decrease coverage by -20.83%.
The diff coverage is n/a.

@@             Coverage Diff             @@
##           master     #421       +/-   ##
===========================================
- Coverage   73.47%   52.65%   -20.83%     
===========================================
  Files          67       67               
  Lines        3299     3299               
  Branches      335      335               
===========================================
- Hits         2424     1737      -687     
- Misses        761     1532      +771     
+ Partials      114       30       -84

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ad500d5...c4831a1. Read the comment docs.