From df201ed152b61c439ea1ace179f35b424594ba6c Mon Sep 17 00:00:00 2001 From: David Lord Date: Fri, 1 Nov 2024 16:44:17 -0700 Subject: [PATCH 1/5] fix js example test --- examples/javascript/tests/test_js_example.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/examples/javascript/tests/test_js_example.py b/examples/javascript/tests/test_js_example.py index d155ad5c34..856f5f7725 100644 --- a/examples/javascript/tests/test_js_example.py +++ b/examples/javascript/tests/test_js_example.py @@ -5,7 +5,7 @@ @pytest.mark.parametrize( ("path", "template_name"), ( - ("/", "xhr.html"), + ("/", "fetch.html"), ("/plain", "xhr.html"), ("/fetch", "fetch.html"), ("/jquery", "jquery.html"), From 8aa161a43731795841fa2678d3dff0559cee527e Mon Sep 17 00:00:00 2001 From: David Lord Date: Fri, 1 Nov 2024 17:18:52 -0700 Subject: [PATCH 2/5] add sqlite datetime converter --- docs/tutorial/database.rst | 10 ++++++++++ examples/tutorial/flaskr/db.py | 4 ++++ 2 files changed, 14 insertions(+) diff --git a/docs/tutorial/database.rst b/docs/tutorial/database.rst index 934f6008ce..93abf93a1a 100644 --- a/docs/tutorial/database.rst +++ b/docs/tutorial/database.rst @@ -37,6 +37,7 @@ response is sent. :caption: ``flaskr/db.py`` import sqlite3 + from datetime import datetime import click from flask import current_app, g @@ -132,6 +133,11 @@ Add the Python functions that will run these SQL commands to the init_db() click.echo('Initialized the database.') + + sqlite3.register_converter( + "timestamp", lambda v: datetime.fromisoformat(v.decode()) + ) + :meth:`open_resource() ` opens a file relative to the ``flaskr`` package, which is useful since you won't necessarily know where that location is when deploying the application later. ``get_db`` @@ -142,6 +148,10 @@ read from the file. that calls the ``init_db`` function and shows a success message to the user. You can read :doc:`/cli` to learn more about writing commands. +The call to :func:`sqlite3.register_converter` tells Python how to +interpret timestamp values in the database. We convert the value to a +:class:`datetime.datetime`. + Register with the Application ----------------------------- diff --git a/examples/tutorial/flaskr/db.py b/examples/tutorial/flaskr/db.py index acaa4ae31f..dec22fde2d 100644 --- a/examples/tutorial/flaskr/db.py +++ b/examples/tutorial/flaskr/db.py @@ -1,4 +1,5 @@ import sqlite3 +from datetime import datetime import click from flask import current_app @@ -44,6 +45,9 @@ def init_db_command(): click.echo("Initialized the database.") +sqlite3.register_converter("timestamp", lambda v: datetime.fromisoformat(v.decode())) + + def init_app(app): """Register database functions with the Flask app. This is called by the application factory. From a9b99b3489cc24b5bed99fbadbd91f598a5a1420 Mon Sep 17 00:00:00 2001 From: David Lord Date: Fri, 1 Nov 2024 18:00:39 -0700 Subject: [PATCH 3/5] update example project metadata --- examples/celery/pyproject.toml | 4 ++-- examples/javascript/{LICENSE.rst => LICENSE.txt} | 0 examples/javascript/pyproject.toml | 3 ++- examples/tutorial/{LICENSE.rst => LICENSE.txt} | 0 examples/tutorial/pyproject.toml | 3 ++- 5 files changed, 6 insertions(+), 4 deletions(-) rename examples/javascript/{LICENSE.rst => LICENSE.txt} (100%) rename examples/tutorial/{LICENSE.rst => LICENSE.txt} (100%) diff --git a/examples/celery/pyproject.toml b/examples/celery/pyproject.toml index 25887ca2f7..cca36d8c97 100644 --- a/examples/celery/pyproject.toml +++ b/examples/celery/pyproject.toml @@ -3,8 +3,8 @@ name = "flask-example-celery" version = "1.0.0" description = "Example Flask application with Celery background tasks." readme = "README.md" -requires-python = ">=3.8" -dependencies = ["flask>=2.2.2", "celery[redis]>=5.2.7"] +classifiers = ["Private :: Do Not Upload"] +dependencies = ["flask", "celery[redis]"] [build-system] requires = ["flit_core<4"] diff --git a/examples/javascript/LICENSE.rst b/examples/javascript/LICENSE.txt similarity index 100% rename from examples/javascript/LICENSE.rst rename to examples/javascript/LICENSE.txt diff --git a/examples/javascript/pyproject.toml b/examples/javascript/pyproject.toml index 0ec631d2c5..c3fde1d740 100644 --- a/examples/javascript/pyproject.toml +++ b/examples/javascript/pyproject.toml @@ -3,8 +3,9 @@ name = "js_example" version = "1.1.0" description = "Demonstrates making AJAX requests to Flask." readme = "README.rst" -license = {file = "LICENSE.rst"} +license = {file = "LICENSE.txt"} maintainers = [{name = "Pallets", email = "contact@palletsprojects.com"}] +classifiers = ["Private :: Do Not Upload"] dependencies = ["flask"] [project.urls] diff --git a/examples/tutorial/LICENSE.rst b/examples/tutorial/LICENSE.txt similarity index 100% rename from examples/tutorial/LICENSE.rst rename to examples/tutorial/LICENSE.txt diff --git a/examples/tutorial/pyproject.toml b/examples/tutorial/pyproject.toml index 73a674cec0..ca31e53d19 100644 --- a/examples/tutorial/pyproject.toml +++ b/examples/tutorial/pyproject.toml @@ -3,8 +3,9 @@ name = "flaskr" version = "1.0.0" description = "The basic blog app built in the Flask tutorial." readme = "README.rst" -license = {text = "BSD-3-Clause"} +license = {file = "LICENSE.txt"} maintainers = [{name = "Pallets", email = "contact@palletsprojects.com"}] +classifiers = ["Private :: Do Not Upload"] dependencies = [ "flask", ] From 98ae71897600a3162f529b1b30c70b8abdf0961b Mon Sep 17 00:00:00 2001 From: David Lord Date: Fri, 1 Nov 2024 18:06:34 -0700 Subject: [PATCH 4/5] fix mypy finding --- src/flask/app.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/flask/app.py b/src/flask/app.py index 7622b5e838..5c424b13a7 100644 --- a/src/flask/app.py +++ b/src/flask/app.py @@ -1226,7 +1226,7 @@ def make_response(self, rv: ft.ResponseReturnValue) -> Response: # extend existing headers with provided headers if headers: - rv.headers.update(headers) # type: ignore[arg-type] + rv.headers.update(headers) return rv From 6c44dd4bb8e4f2ca5f135f172de4725b2cada155 Mon Sep 17 00:00:00 2001 From: David <39418842+CheeseCake87@users.noreply.github.com> Date: Wed, 6 Nov 2024 17:47:57 +0000 Subject: [PATCH 5/5] update helpers.send_from_directory docstring (#5599) Update helpers.send_from_directory docstring to match werkzeug.utils.send_from_directory docstring on the :param directory: line. --- src/flask/helpers.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/flask/helpers.py b/src/flask/helpers.py index f891eed126..57c8a00054 100644 --- a/src/flask/helpers.py +++ b/src/flask/helpers.py @@ -547,7 +547,8 @@ def download_file(name): raises a 404 :exc:`~werkzeug.exceptions.NotFound` error. :param directory: The directory that ``path`` must be located under, - relative to the current application's root path. + relative to the current application's root path. This *must not* + be a value provided by the client, otherwise it becomes insecure. :param path: The path to the file to send, relative to ``directory``. :param kwargs: Arguments to pass to :func:`send_file`.