Skip to content

Bump flask-login from 0.4.1 to 0.6.3#112

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/flask-login-0.6.3
Closed

Bump flask-login from 0.4.1 to 0.6.3#112
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/pip/flask-login-0.6.3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 13, 2026
edited
Loading

Bumps flask-login from 0.4.1 to 0.6.3.

Release notes

Sourced from flask-login's releases.

0.6.3

This fixes compatibility with Flask 3 and Werkzeug 3.

0.6.2

0.6.1

Changes: https://github.com/maxcountryman/flask-login/blob/main/CHANGES.md#version-061

0.6.0

This release sets new minimum versions of Python, Flask, and Werkzeug, and fixes compatibility with the latest versions of those.

  • Python >= 3.7
  • Flask >= 1.0.4, this will be bumped to reflect the latest supported release (2.1) in the future
  • Werkzeug >= 1.0.1, this will be bumped to reflect the latest supported release (2.1) in the future
Changelog

Sourced from flask-login's changelog.

Version 0.6.3

Released 2023-10-30

  • Compatibility with Flask 3 and Werkzeug 3. #813

Version 0.6.2

Released on July 25th, 2022

  • Fix compatibility with Werkzeug 2.2 and Flask 2.2. #691
  • Revert change to expand_login_view that attempted to preserve a dynamic subdomain value. Such values should be handled using app.url_value_preprocessor and app.url_defaults. #691
  • Ensure deprecation warnings are present for deprecated features that will be removed in the next feature release.
    • Use request_loader instead of header_loader.
    • Use user_loaded_from_request instead of user_loaded_from_header.
    • Use app.config["LOGIN_DISABLED"] instead of _login_disabled.
    • Use init_app instead of setup_app.

Version 0.6.1

Released on May 1st, 2022

  • Only preserve subdomain or host view args in unauthorized redirect #663
  • The new utility function login_remembered returns True if the current login is remembered across sessions. #654
  • Fix side effect potentially executing view twice for same request. #666
  • Clarify usage of FlaskLoginClient test client in docs. #668

Version 0.6.0

Released on March 30th, 2022

  • Drop support for Python 2.7, 3.5, and 3.6, which have all reached the end of their official support. #594, #638
  • The minimum supported version of Flask is 1.0.4, and Werkzeug is 1.0.1. However, projects are advised to use the latest versions of both. #639
  • Only flash "needs_refresh_message" if value is set #464
  • Modify expand_login_view to allow for subdomain and host matching for login_view #462
  • Add accessors for request_loader and user_loader callback functions #472
  • Change "remember_me" cookie to match Werkzeug default value #488
  • Change "remember_me" cookie to HttpOnly, matching Flask session cookie #488

... (truncated)

Commits
  • 88eca62 release version 0.6.3
  • 94890a6 use urllib for werkzeug 3 compat
  • c91adec tests work with werkzueg<2.3 test client
  • f0b795d update dev requirements
  • da07d79 start version 0.6.3
  • 9154178 Merge pull request #693 from maxcountryman/release-0.6.2
  • 2d23e91 release version 0.6.2
  • ae1be9c Merge pull request #692 from maxcountryman/deprecations
  • 197ac04 ensure deprecation warnings
  • b65e858 Merge pull request #691 from maxcountryman/pallets-compat
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump flask-login from 0.4.1 to 0.6.3
6c0bdc3 
Bumps [flask-login](https://github.com/maxcountryman/flask-login) from 0.4.1 to 0.6.3.
- [Release notes](https://github.com/maxcountryman/flask-login/releases)
- [Changelog](https://github.com/maxcountryman/flask-login/blob/main/CHANGES.md)
- [Commits](maxcountryman/flask-login@0.4.1...0.6.3)

---
updated-dependencies:
- dependency-name: flask-login
  dependency-version: 0.6.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 13, 2026
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 13, 2026

Looks like flask-login is no longer updatable, so this is no longer needed.

@dependabot dependabot bot closed this Mar 13, 2026
@dependabot dependabot bot deleted the dependabot/pip/flask-login-0.6.3 branch March 13, 2026 09:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file python Pull requests that update Python code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants