- Update to 1.0.0:
  * Drop support for Python 3.4. (#1478)
  * Remove code that issued deprecation warnings in version 0.15. (#1477)
  * Remove most top-level attributes provided by the werkzeug module in favor of direct imports. For example, instead of import werkzeug; werkzeug.url_quote, do from werkzeug.urls import url_quote. Install version 0.16 first to see deprecation warnings while upgrading. #2, #1640
  * Added utils.invalidate_cached_property() to invalidate cached properties. (#1474)
  * Directive keys for the Set-Cookie response header are not ignored when parsing the Cookie request header. This allows cookies with names such as “expires” and “version”. (#1495)
  * Request cookies are parsed into a MultiDict to capture all values for cookies with the same key. cookies[key] returns the first value rather than the last. Use cookies.getlist(key) to get all values. parse_cookie also defaults to a MultiDict. #1562, #1458
  * Add charset=utf-8 to an HTTP exception response’s CONTENT_TYPE header. (#1526)
  * The interactive debugger handles outer variables in nested scopes such as lambdas and comprehensions. #913, #1037, #1532
  * The user agent for Opera 60 on Mac is correctly reported as “opera” instead of “chrome”. #1556
  * The platform for Crosswalk on Android is correctly reported as “android” instead of “chromeos”. (#1572)
  * Issue a warning when the current server name does not match the configured server name. #760
  * A configured server name with the default port for a scheme will match the current server name without the port if the current scheme matches. #1584
  * InternalServerError has a original_exception attribute that frameworks can use to track the original cause of the error. #1590
  * Headers are tested for equality independent of the header key case, such that X-Foo is the same as x-foo. #1605
  * http.dump_cookie() accepts 'None' as a value for samesite. #1549
  * set_cookie() accepts a samesite argument. #1705
  * Support the Content Security Policy header through the Response.content_security_policy data structure. #1617
  * LanguageAccept will fall back to matching “en” for “en-US” or “en-US” for “en” to better support clients or translations that only match at the primary language tag. #450, #1507
  * MIMEAccept uses MIME parameters for specificity when matching. #458, #1574
  * If the development server is started with an SSLContext configured to verify client certificates, the certificate in PEM format will be available as environ["SSL_CLIENT_CERT"]. #1469
  * is_resource_modified will run for methods other than GET and HEAD, rather than always returning False. #409
  * SharedDataMiddleware returns 404 rather than 500 when trying to access a directory instead of a file with the package loader. The dependency on setuptools and pkg_resources is removed. #1599
  * Add a response.cache_control.immutable flag. Keep in mind that browser support for this Cache-Control header option is still experimental and may not be implemented. #1185
  * Optional request log highlighting with the development server is handled by Click instead of termcolor. #1235
  * Optional ad-hoc TLS support for the development server is handled by cryptography instead of pyOpenSSL. #1555
  * FileStorage.save() supports pathlib and PEP 519 PathLike objects. #1653
  * The debugger security pin is unique in containers managed by Podman. #1661
  * Building a URL when host_matching is enabled takes into account the current host when there are duplicate endpoints with different hosts. #488
  * The 429 TooManyRequests and 503 ServiceUnavailable HTTP exceptions takes a retry_after parameter to set the Retry-After header. #1657

• Files Changed
• Browse Source