Bump the production-dependencies group with 3 updates

[dependabot]

Bumps the production-dependencies group with 3 updates: flask, ghapi and ghastoolkit.

Updates flask from 2.3.3 to 3.0.2

Release notes

Sourced from flask's releases.

3.0.2

This is a fix release for the 3.0.x feature release branch. It fixes bugs but does not otherwise change behavior and should not result in breaking changes.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3.0.2
• Milestone: https://github.com/pallets/flask/milestone/34?closed=1
• PyPI: https://pypi.org/project/Flask/3.0.2/

3.0.1

This is a fix release for the 3.0.x feature release branch.

Fixes an issue where using other JSON providers, such as flask-orjson, previously caused loaded session data to have an incorrect format in some cases.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-1
• Milestone: https://github.com/pallets/flask/milestone/32?closed=1
• PyPI: https://pypi.org/project/Flask/3.0.1/

3.0.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 3.0.x branch is now the supported fix branch, the 2.3.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0
• Milestone: https://github.com/pallets/flask/milestone/20?closed=1

Changelog

Sourced from flask's changelog.

Version 3.0.2

Released 2024-02-03

• Correct type for jinja_loader property. :issue:5388
• Fix error with --extra-files and --exclude-patterns CLI options. :issue:5391

Version 3.0.1

Released 2024-01-18

• Correct type for path argument to send_file. :issue:5230
• Fix a typo in an error message for the flask run --key option. :pr:5344
• Session data is untagged without relying on the built-in json.loads object_hook. This allows other JSON providers that don't implement that. :issue:5381
• Address more type findings when using mypy strict mode. :pr:5383

Version 3.0.0

Released 2023-09-30

• Remove previously deprecated code. :pr:5223
• Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("flask"), instead. :issue:5230
• Restructure the code such that the Flask (app) and Blueprint classes have Sans-IO bases. :pr:5127
• Allow self as an argument to url_for. :pr:5264
• Require Werkzeug >= 3.0.0.

Commits

• d203059 release version 3.0.2
• d7209a9 fix super call in list comprehension (#5393)
• 1af8f95 fix super call in list comprehension
• 3435d2f Fix jinja_loader typehint (#5389)
• ecc057d fix jinja_loader annotation
• 3207af8 start version 3.0.2
• 233be7a release version 3.0.1 (#5386)
• f622b1c release version 3.0.1
• 5fcc999 fix create release action
• da3a0dd fix slsa generator version
• Additional commits viewable in compare view

Updates ghapi from 1.0.4 to 1.0.5

Commits

• See full diff in compare view

Updates ghastoolkit from 0.10.0 to 0.12.2

Release notes

Sourced from ghastoolkit's releases.

v0.12.2

What's Changed

• feat: Impove octokit error handling by @​GeekMasher in GeekMasher/ghastoolkit#203

Full Changelog: GeekMasher/ghastoolkit@0.12.1...0.12.2

0.12.1

What's Changed

• fix: Solve issue with what key is used to find errors by @​GeekMasher in GeekMasher/ghastoolkit#202

Full Changelog: GeekMasher/ghastoolkit@0.12.0...0.12.1

v0.12.0

What's Changed

• feat(octo): Improve error handling in Octokit by @​GeekMasher in GeekMasher/ghastoolkit#200
• feat(version): v0.12.0 by @​GeekMasher in GeekMasher/ghastoolkit#201

Full Changelog: GeekMasher/ghastoolkit@0.11.9...0.12.0

v0.11.9

What's Changed

• fix: Secret Scanning commit_sha issue by @​GeekMasher in GeekMasher/ghastoolkit#198
• build(deps-dev): bump the pip group across 1 directories with 1 update by @​dependabot in GeekMasher/ghastoolkit#197
• build(deps-dev): bump the development-dependencies group with 2 updates by @​dependabot in GeekMasher/ghastoolkit#196
• v0.11.9 by @​GeekMasher in GeekMasher/ghastoolkit#199

Full Changelog: GeekMasher/ghastoolkit@0.11.8...0.11.9

v0.11.8

What's Changed

• feat: Update GitHub to add better owner/org and repository support by @​GeekMasher in GeekMasher/ghastoolkit#195

Full Changelog: GeekMasher/ghastoolkit@0.11.7...0.11.8

v0.11.7

What's Changed

• build(deps): bump the production-dependencies group with 1 update by @​dependabot in GeekMasher/ghastoolkit#186
• build(deps-dev): bump the development-dependencies group with 3 updates by @​dependabot in GeekMasher/ghastoolkit#193
• feat(deps): Add hashable support by @​GeekMasher in GeekMasher/ghastoolkit#194

Full Changelog: GeekMasher/ghastoolkit@0.11.6...0.11.7

v0.11.6

What's Changed

... (truncated)

Commits

• 7d49b7b Merge pull request #203 from GeekMasher/octokit-errors-improve
• 31dd871 feat: Impove octokit error handling
• d4b72ae Merge pull request #202 from GeekMasher/octokit-errors-msg
• 7744dc7 feat(deps): Update deps
• 20344e1 feat: Add tests and small changes
• 8bd64f2 fix: String issue
• 40145a7 feat: Add error output for documentation url
• 6473e9b feat(version): v0.12.1
• db33970 fix: Solve issue with what key is used to find errors
• 76ebdea Merge pull request #201 from GeekMasher/v0120
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml