[Snyk] Security upgrade werkzeug from 0.9.4 to 3.1.5 #325
Conversation
…ents.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-14908843
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
There was a problem hiding this comment.
Cursor Bugbot has reviewed your changes and found 1 potential issue.
Bugbot Autofix is OFF. To automatically fix reported issues with Cloud Agents, enable Autofix in the Cursor dashboard.
This is the final PR Bugbot will review for you during this billing cycle
Your free Bugbot reviews will reset on February 19
Details
You are on the Bugbot Free tier. On this plan, Bugbot will review limited PRs each billing cycle.
To receive Bugbot reviews on all of your PRs, visit the Cursor dashboard to activate Pro and start your 14-day free trial.
| Jinja2==2.7.2 | ||
| MarkupSafe==0.18 | ||
| Werkzeug==0.9.4 | ||
| Werkzeug==3.1.5 |
There was a problem hiding this comment.
Incompatible Werkzeug upgrade breaks Flask 0.10.1
High Severity
Upgrading Werkzeug from 0.9.4 to 3.1.5 while keeping Flask==0.10.1 causes a breaking incompatibility. Flask 0.10.1 (from 2013) relies on Werkzeug 0.x internal APIs that were removed or moved in Werkzeug 3.x. This will cause immediate import errors (e.g., cannot import name 'url_quote' from 'werkzeug.urls') and prevent the application from starting. Flask needs to be upgraded to at least version 2.x or 3.x to work with Werkzeug 3.1.5.
Snyk has created this PR to fix 1 vulnerabilities in the pip dependencies of this project.
Snyk changed the following file(s):
solutions/2.2.4 Using Flask: Extending the Search Route/requirements.txtImportant
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.
Note
Security dependency upgrade
Werkzeugfrom0.9.4to3.1.5insolutions/2.2.4 Using Flask: Extending the Search Route/requirements.txtWritten by Cursor Bugbot for commit ef236ea. This will update automatically on new commits. Configure here.