Skip to content

Update flask-cors requirement from >=6.0.2 to >=6.0.5#19

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/flask-cors-gte-6.0.5
Open

Update flask-cors requirement from >=6.0.2 to >=6.0.5#19
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/pip/flask-cors-gte-6.0.5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 12, 2026

Copy link
Copy Markdown
Contributor

Updates the requirements on flask-cors to permit the latest version.

Release notes

Sourced from flask-cors's releases.

6.0.5

Supersedes 6.0.4

What's Changed

Full Changelog: corydolphin/flask-cors@6.0.3...6.0.5

Changelog

Sourced from flask-cors's changelog.

Change Log

Unreleased

  • Fix mypy --strict rejecting CORS(blueprint) / init_app(blueprint). The app parameter is now typed as Flask | Blueprint | None, restoring Blueprint support broken in 6.0.4 (#410). A type-checking regression test guards this going forward.
  • Add full type annotations and a py.typed marker. The package now passes mypy --strict, checked in CI.
  • Type the keyword arguments to CORS, init_app, and cross_origin so invalid options are caught by type checkers.
  • Resolve options into a frozen internal dataclass instead of a plain dict.
  • Invalid regular expressions now raise instead of being silently ignored.

4.0.1

Security

4.0.0

3.1.01

3.0.10

Adds support for PPC64 and ARM64 builds for distribution. Thanks @​sreekanth370

3.0.9

Security

  • Escape path before evaluating resource rules (thanks to Colby Morgan). Prior to this, flask-cors incorrectly evaluated CORS resource matching before path expansion. E.g. "/api/../foo.txt" would incorrectly match resources for "/api/*" whereas the path actually expands simply to "/foo.txt"

3.0.8

Fixes : DeprecationWarning: Using or importing the ABCs from 'collections' in Python 3.7. Thank you @​juanmaneo and @​jdevera for the contribution.

3.0.7

Updated logging.warn to logging.warning (#234) Thanks Vaibhav

3.0.6

Manual error in release process. Identical contents at 3.0.5.

3.0.5

Fixes incorrect handling of regexes containing [, and a few other special characters. Fixes Issue #212

... (truncated)

Commits
  • 91ebc49 Typing Hotfix: support blueprints in the type system
  • d601665 Add strict MyPy Typing
  • c8e8871 Harden release publishing workflow (#406)
  • e1d4034 Derive package version from git tag via setuptools-scm (#405)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Update flask-cors requirement from >=6.0.2 to >=6.0.5
7063f7f 
Updates the requirements on [flask-cors](https://github.com/corydolphin/flask-cors) to permit the latest version.
- [Release notes](https://github.com/corydolphin/flask-cors/releases)
- [Changelog](https://github.com/corydolphin/flask-cors/blob/main/CHANGELOG.md)
- [Commits](corydolphin/flask-cors@6.0.2...6.0.5)

---
updated-dependencies:
- dependency-name: flask-cors
  dependency-version: 6.0.5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file python Pull requests that update python code labels Jun 12, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants