Update werkzeug to 1.0.1

[pyup-bot]

This PR updates Werkzeug from 0.15.3 to 1.0.1.

Changelog

1.0.1

-------------

Released 2020-03-31

-   Make the argument to ``RequestRedirect.get_response`` optional.
 :issue:`1718`
-   Only allow a single access control allow origin value. :pr:`1723`
-   Fix crash when trying to parse a non-existent Content Security
 Policy header. :pr:`1731`
-   ``http_date`` zero fills years < 1000 to always output four digits.
 :issue:`1739`
-   Fix missing local variables in interactive debugger console.
 :issue:`1746`
-   Fix passing file-like objects like ``io.BytesIO`` to
 ``FileStorage.save``. :issue:`1733`

1.0.0

-------------

Released 2020-02-06

-   Drop support for Python 3.4. (:issue:`1478`)
-   Remove code that issued deprecation warnings in version 0.15.
 (:issue:`1477`)
-   Remove most top-level attributes provided by the ``werkzeug``
 module in favor of direct imports. For example, instead of
 ``import werkzeug; werkzeug.url_quote``, do
 ``from werkzeug.urls import url_quote``. Install version 0.16 first
 to see deprecation warnings while upgrading. :issue:`2`, :pr:`1640`
-   Added ``utils.invalidate_cached_property()`` to invalidate cached
 properties. (:pr:`1474`)
-   Directive keys for the ``Set-Cookie`` response header are not
 ignored when parsing the ``Cookie`` request header. This allows
 cookies with names such as "expires" and "version". (:issue:`1495`)
-   Request cookies are parsed into a ``MultiDict`` to capture all
 values for cookies with the same key. ``cookies[key]`` returns the
 first value rather than the last. Use ``cookies.getlist(key)`` to
 get all values. ``parse_cookie`` also defaults to a ``MultiDict``.
 :issue:`1562`, :pr:`1458`
-   Add ``charset=utf-8`` to an HTTP exception response's
 ``CONTENT_TYPE`` header. (:pr:`1526`)
-   The interactive debugger handles outer variables in nested scopes
 such as lambdas and comprehensions. :issue:`913`, :issue:`1037`,
 :pr:`1532`
-   The user agent for Opera 60 on Mac is correctly reported as
 "opera" instead of "chrome". :issue:`1556`
-   The platform for Crosswalk on Android is correctly reported as
 "android" instead of "chromeos". (:pr:`1572`)
-   Issue a warning when the current server name does not match the
 configured server name. :issue:`760`
-   A configured server name with the default port for a scheme will
 match the current server name without the port if the current scheme
 matches. :pr:`1584`
-   :exc:`~exceptions.InternalServerError` has a ``original_exception``
 attribute that frameworks can use to track the original cause of the
 error. :pr:`1590`
-   Headers are tested for equality independent of the header key case,
 such that ``X-Foo`` is the same as ``x-foo``. :pr:`1605`
-   :meth:`http.dump_cookie` accepts ``'None'`` as a value for
 ``samesite``. :issue:`1549`
-   :meth:`~test.Client.set_cookie` accepts a ``samesite`` argument.
 :pr:`1705`
-   Support the Content Security Policy header through the
 `Response.content_security_policy` data structure. :pr:`1617`
-   ``LanguageAccept`` will fall back to matching "en" for "en-US" or
 "en-US" for "en" to better support clients or translations that
 only match at the primary language tag. :issue:`450`, :pr:`1507`
-   ``MIMEAccept`` uses MIME parameters for specificity when matching.
 :issue:`458`, :pr:`1574`
-   If the development server is started with an ``SSLContext``
 configured to verify client certificates, the certificate in PEM
 format will be available as ``environ["SSL_CLIENT_CERT"]``.
 :pr:`1469`
-   ``is_resource_modified`` will run for methods other than ``GET`` and
 ``HEAD``, rather than always returning ``False``. :issue:`409`
-   ``SharedDataMiddleware`` returns 404 rather than 500 when trying to
 access a directory instead of a file with the package loader. The
 dependency on setuptools and pkg_resources is removed.
 :issue:`1599`
-   Add a ``response.cache_control.immutable`` flag. Keep in mind that
 browser support for this ``Cache-Control`` header option is still
 experimental and may not be implemented. :issue:`1185`
-   Optional request log highlighting with the development server is
 handled by Click instead of termcolor. :issue:`1235`
-   Optional ad-hoc TLS support for the development server is handled
 by cryptography instead of pyOpenSSL. :pr:`1555`
-   ``FileStorage.save()`` supports ``pathlib`` and :pep:`519`
 ``PathLike`` objects. :issue:`1653`
-   The debugger security pin is unique in containers managed by Podman.
 :issue:`1661`
-   Building a URL when ``host_matching`` is enabled takes into account
 the current host when there are duplicate endpoints with different
 hosts. :issue:`488`
-   The ``429 TooManyRequests`` and ``503 ServiceUnavailable`` HTTP
 exceptions takes a ``retry_after`` parameter to set the
 ``Retry-After`` header. :issue:`1657`
-   ``Map`` and ``Rule`` have a ``merge_slashes`` option to collapse
 multiple slashes into one, similar to how many HTTP servers behave.
 This is enabled by default. :pr:`1286, 1694`
-   Add HTTP 103, 208, 306, 425, 506, 508, and 511 to the list of status
 codes. :pr:`1678`
-   Add ``update``, ``setlist``, and ``setlistdefault`` methods to the
 ``Headers`` data structure. ``extend`` method can take ``MultiDict``
 and kwargs. :pr:`1687, 1697`
-   The development server accepts paths that start with two slashes,
 rather than stripping off the first path segment. :issue:`491`
-   Add access control (Cross Origin Request Sharing, CORS) header
 properties to the ``Request`` and ``Response`` wrappers. :pr:`1699`
-   ``Accept`` values are no longer ordered alphabetically for equal
 quality tags. Instead the initial order is preserved. :issue:`1686`
-   Added ``Map.lock_class`` attribute for alternative
 implementations. :pr:`1702`
-   Support matching and building WebSocket rules in the routing system,
 for use by async frameworks. :pr:`1709`
-   Range requests that span an entire file respond with 206 instead of
 200, to be more compliant with :rfc:`7233`. This may help serving
 media to older browsers. :issue:`410, 1704`
-   The :class:`~middleware.shared_data.SharedDataMiddleware` default
 ``fallback_mimetype`` is ``application/octet-stream``. If a filename
 looks like a text mimetype, the ``utf-8`` charset is added to it.
 This matches the behavior of :class:`~wrappers.BaseResponse` and
 Flask's ``send_file()``. :issue:`1689`

0.16.1

--------------

Released 2020-01-27

-   Fix import location in deprecation messages for subpackages.
 :issue:`1663`
-   Fix an SSL error on Python 3.5 when the dev server responds with no
 content. :issue:`1659`

0.16.0

--------------

Released 2019-09-19

-   Deprecate most top-level attributes provided by the ``werkzeug``
 module in favor of direct imports. The deprecated imports will be
 removed in version 1.0.

 For example, instead of ``import werkzeug; werkzeug.url_quote``, do
 ``from werkzeug.urls import url_quote``. A deprecation warning will
 show the correct import to use. ``werkzeug.exceptions`` and
 ``werkzeug.routing`` should also be imported instead of accessed,
 but for technical reasons can't show a warning.

 :issue:`2`, :pr:`1640`

0.15.6

--------------

Released 2019-09-04

-   Work around a bug in pip that caused the reloader to fail on
 Windows when the script was an entry point. This fixes the issue
 with Flask's `flask run` command failing with "No module named
 Scripts\flask". :issue:`1614`
-   ``ProxyFix`` trusts the ``X-Forwarded-Proto`` header by default.
 :issue:`1630`
-   The deprecated ``num_proxies`` argument to ``ProxyFix`` sets
 ``x_for``, ``x_proto``, and ``x_host`` to match 0.14 behavior. This
 is intended to make intermediate upgrades less disruptive, but the
 argument will still be removed in 1.0. :issue:`1630`

0.15.5

--------------

Released 2019-07-17

-   Fix a ``TypeError`` due to changes to ``ast.Module`` in Python 3.8.
 :issue:`1551`
-   Fix a C assertion failure in debug builds of some Python 2.7
 releases. :issue:`1553`
-   :class:`~exceptions.BadRequestKeyError` adds the ``KeyError``
 message to the description if ``e.show_exception`` is set to
 ``True``. This is a more secure default than the original 0.15.0
 behavior and makes it easier to control without losing information.
 :pr:`1592`
-   Upgrade the debugger to jQuery 3.4.1. :issue:`1581`
-   Work around an issue in some external debuggers that caused the
 reloader to fail. :issue:`1607`
-   Work around an issue where the reloader couldn't introspect a
 setuptools script installed as an egg. :issue:`1600`
-   The reloader will use ``sys.executable`` even if the script is
 marked executable, reverting a behavior intended for NixOS
 introduced in 0.15. The reloader should no longer cause
 ``OSError: [Errno 8] Exec format error``. :issue:`1482`,
 :issue:`1580`
-   ``SharedDataMiddleware`` safely handles paths with Windows drive
 names. :issue:`1589`

0.15.4

--------------

Released 2019-05-14

-   Fix a ``SyntaxError`` on Python 2.7.5. (:issue:`1544`)

Links

• PyPI: https://pypi.org/project/werkzeug
• Changelog: https://pyup.io/changelogs/werkzeug/
• Homepage: https://palletsprojects.com/p/werkzeug/

[pyup-bot]

Closing this in favor of #97