tmdinosaurcenter/kiosk-guestbook
1
0
Fork 0
mirror of https://github.com/tmdinosaurcenter/kiosk-guestbook.git synced 2026-06-04 03:07:45 -06:00
Code Issues Packages Projects Releases Wiki Activity

fix: upgrade to Flask 3.x and replace before_first_request

Browse Source 
- Pin Flask to >=3.1.3 to resolve all outstanding Dependabot CVEs
  (session cookie Vary header, Werkzeug DoS/RCE/safe_join vulns)
- Replace removed @before_first_request decorator with app.app_context()
  call at module level, compatible with Flask 3.0+
This commit is contained in:
Steve Dogiakos
2026-03-09 20:15:14 -06:00
parent 0c8491ce7a
commit 3e17574fe6
2 changed files with 2 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app.py
+1 -4
View File
@@ -66,10 +66,7 @@ def is_valid_email(email):
pattern = r'^[\w\.-]+@[\w\.-]+\.\w+$' pattern = r'^[\w\.-]+@[\w\.-]+\.\w+$'
return re.match(pattern, email) return re.match(pattern, email)
# TODO: @before_first_request is deprecated in Flask 2.2 and removed in Flask 3.0. with app.app_context():
# Replace with: with app.app_context(): init_db() at module level, or use a CLI command.
@app.before_first_request
def initialize_database():
init_db() init_db()
@app.route('/', methods=['GET', 'POST']) @app.route('/', methods=['GET', 'POST'])
requirements.txt
+1 -1
View File
@@ -1,3 +1,3 @@
Flask==2.2.5 Flask>=3.1.3
Werkzeug>=3.0.6 Werkzeug>=3.0.6
gunicorn gunicorn