Bump the production-dependencies group with 3 updates

[dependabot]

Bumps the production-dependencies group with 3 updates: flask, ghapi and gunicorn.

Updates flask from 2.3.2 to 3.0.0

Release notes

Sourced from flask's releases.

3.0.0

This is a feature release, which includes new features, removes previously deprecated code, and adds new deprecations. The 3.0.x branch is now the supported fix branch, the 2.3.x branch will become a tag marking the end of support for that branch. We encourage everyone to upgrade, and to use a tool such as pip-tools to pin all dependencies and control upgrades. Test with warnings treated as errors to be able to adapt to deprecation warnings early.

• Changes: https://flask.palletsprojects.com/en/3.0.x/changes/#version-3-0-0
• Milestone: https://github.com/pallets/flask/milestone/20?closed=1

2.3.3

This is a fix release for the 2.3.x feature branch.

• Changes: https://flask.palletsprojects.com/en/2.3.x/changes/#version-2-3-3
• Milestone: https://github.com/pallets/flask/milestone/31?closed=1

Changelog

Sourced from flask's changelog.

Version 3.0.0

Released 2023-09-30

• Remove previously deprecated code. :pr:5223
• Deprecate the __version__ attribute. Use feature detection, or importlib.metadata.version("flask"), instead. :issue:5230
• Restructure the code such that the Flask (app) and Blueprint classes have Sans-IO bases. :pr:5127
• Allow self as an argument to url_for. :pr:5264
• Require Werkzeug >= 3.0.0.

Version 2.3.3

Released 2023-08-21

• Python 3.12 compatibility.
• Require Werkzeug >= 2.3.7.
• Use flit_core instead of setuptools as build backend.
• Refactor how an app's root and instance paths are determined. :issue:5160

Commits

• 735a470 Release version 3.0.0
• efe39ae Bump Werkzeug 3.0.0
• 438edcd Allow self as an argument to url_for
• b7c1290 Fix wrong spelling of JS method .innerHTML
• 8037487 Bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.10 (#5248)
• e8076d9 Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.9.0 (#5247)
• ecc4a38 Bump actions/checkout from 3.5.3 to 3.6.0 (#5246)
• 24c6508 Bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.10
• 98cef9f Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.9.0
• 0c97a41 Bump actions/checkout from 3.5.3 to 3.6.0
• Additional commits viewable in compare view

Updates ghapi from 1.0.3 to 1.0.4

Changelog

Sourced from ghapi's changelog.

Release notes

Commits

• See full diff in compare view

Updates gunicorn from 20.1.0 to 21.2.0

Release notes

Sourced from gunicorn's releases.

Gunicorn 21.2.0 has been released

Gunicorn 21.2.0 has been released. This version fix the issue introduced in the threaded worker.

Changes:

21.2.0 - 2023-07-19
===================
fix thread worker: revert change considering connection as idle .
*** NOTE ***
This is fixing the bad file description error.

1. Documentation is available there: https://docs.gunicorn.org/en/stable/news.html
2. Packages: https://pypi.org/project/gunicorn/

Gunicorn 21.1.0 has been released

gunicorn 21.1.0 has been released. This version fix the issue introduced in the threaded worker.

21.1.0 - 2023-07-18

• fix thread worker: fix socket removal from the queuet checkout 21.x

Gunicorn 21 has been released

Gunicorn 21 is out with miscellaneous changes. Enjoy!

We made this release major to start our new release cycle. More info will be provided on our discussion forum.

21.0.1 - 2023-07-17

fix documentation build

21.0.0 - 2023-07-17

support python 3.11 fix gevent and eventlet workers fix threads support (gththread): improve performance and unblock requests SSL: noaw use SSLContext object HTTP parser: miscellaneous fixes remove unecessary setuid calls fix testing improve logging miscellaneous fixes to core engine

... (truncated)

Commits

• ab9c830 bump to 21.2.0
• f5669f6 Merge pull request #3033 from benoitc/fix-gthread
• bc90585 revert change considering connection as idle
• 4e12ebe bump to 21.1.0
• 60b78e3 fix setup.cfg: use new license_files property
• 83c3973 Merge pull request #3030 from benoitc/fix-ghthread
• 86d85cb fix gthread worker
• 547f856 bump 21.0.1: fix doc
• 033dca6 fix doc path to conf.py in readthedocs.yaml
• 1dd24e6 fix .readthedocs.yaml path
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions