Flask Starter Skeleton

trev-dev, updated 🕥 2023-01-07 08:07:35

Major Changes since version 1
What's included
Requirements
Instructions
- Installation
- Deployment (Dreamhost)
Other Resources
Support My Work

Now updated to Flask 2.0.1

Major Changes since version 1

Flask Assets (along with cssmin and jsmin) are no longer used. These bundlers are quite out of date and have managed to break scripts. I've chosen to replace them with a webpack toolchain for bundling/minification. You may use it, abuse it or lose it. It's up to you.

If you prefer the old configuration, it still works! The dependencies are even up-to-date. You can find the old config on the v1 branch

What's included

Bootstrap Version

In this repo is flask web-app skeleton for a basic API or Flask powered website. Bootstrap 5 is included in the static/vendor folder and you may make whatever changes to static/js or static/css that you'd like. This repository comes pre-setup with Webpack to precompile SASSy styles and Typescript.

See this project live here

Requirements

Python (preferably Python3)
Python Pip
Pipenv for virtualenv & dependency management.

Optionally: - NodeJS ^14.0 & NPM if you want to use the webpack config, or make your own config

Instructions

Installation

Clone this repository git clone [email protected]:trev-dev/flask-starter.git
Enter the flask-starter directory cd flask-starter
Install dependencies and setup virtualenv with pipenv install
Start a pipenv shell session with pipenv shell
Export your dev environment variables: bash export FLASK_ENV=development export FLASK_APP=flaskr
type flask run to start your dev server.

If you want to use the existing webpack config or make your own, all the usual steps to run npm need to happen. Once you have Node and NPM installed, run npm install to install the dependencies. The scripts npm start and npm run build handle bundling for development and production respectively.

If you just want to write normal JS/CSS you can use the statics found at flaskr/static/ folder.

Deployment (Dreamhost)

Setup hosting for a domain and ensure you have passenger enabled for Python apps.
Use FTP/SFTP/Git to move your project to its destination on Dreamhost (/home/username/example.com).
Double check your Flask config at flaskr/config.py. It probably wouldn't hurt to make sure these are not commented out and set for production, especially the SECRET_KEY.
You may need a custom installation of Python3 on Dreamhost for this to work. Please see Dreamhost's Documentation on how to do this. The Pipfile for this repo calls for python 3.9. You may use 3.6 if you update the pipenv Pipfile.
Once you've verified a usable Python3 installation, install pipenv on your Dreamhost server using pip3 install pipenv.
From the website root folder, run pipenv install to install the dependencies.
1. If you've installed a custom version of Python, pipenv can be pointed at it with pipenv --python '/path/to/python/bin/python' install.
2. If pipenv isn't on your PATH, you may use python3 -m pipenv instead
Wait a few minutes, then visit your website. It should be working. If not, Dreamhost has lots of documentation/support that can help you out. Enjoy!

The passenger_wsgi.py is set up well enough that it might just work for you without further configuration.

Other Resources

If you get stuck it wouldn't hurt to check out:

Flask's Documentation
Dreamhost's Documentation on Python
Brett's Beta - An amazing guide that I wish had been written before I tried to do this myself.

Support My Work

Issues

Bump json5 from 2.2.0 to 2.2.3

opened on 2023-01-07 08:07:34 by dependabot[bot]

Bumps json5 from 2.2.0 to 2.2.3.

Release notes

Sourced from json5's releases.

v2.2.3

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Changelog

Sourced from json5's changelog.

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

Commits

c3a7524 2.2.3
94fd06d docs: update CHANGELOG for v2.2.3
3b8cebf docs(security): use GitHub security advisories
f0fd9e1 docs: publish a security policy
6a91a05 docs(template): bug -> bug report
14f8cb1 2.2.2
10cc7ca docs: update CHANGELOG for v2.2.2
7774c10 fix: add proto to objects and arrays
edde30a Readme: slight tweak to intro
97286f8 Improve example in readme
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/trev-dev/flask-starter/network/alerts).

Bump terser from 5.7.0 to 5.14.2

opened on 2022-07-20 06:58:14 by dependabot[bot]

Bumps terser from 5.7.0 to 5.14.2.

Changelog

Sourced from terser's changelog.

v5.14.2

Security fix for RegExps that should not be evaluated (regexp DDOS)

Source maps improvements (#1211)

Performance improvements in long property access evaluation (#1213)

v5.14.1

keep_numbers option added to TypeScript defs (#1208)

Fixed parsing of nested template strings (#1204)

v5.14.0

Switched to @jridgewell/source-map for sourcemap generation (#1190, #1181)

Fixed source maps with non-terminated segments (#1106)

Enabled typescript types to be imported from the package (#1194)

Extra DOM props have been added (#1191)

Delete the AST while generating code, as a means to save RAM

v5.13.1

Removed self-assignments (varname=varname) (closes #1081)

Separated inlining code (for inlining things into references, or removing IIFEs)

Allow multiple identifiers with the same name in var destructuring (eg var { a, a } = x) (#1176)

v5.13.0

All calls to eval() were removed (#1171, #1184)

source-map was updated to 0.8.0-beta.0 (#1164)

NavigatorUAData was added to domprops to avoid property mangling (#1166)

v5.12.1

Fixed an issue with function definitions inside blocks (#1155)

Fixed parens of new in some situations (closes #1159)

v5.12.0

TERSER_DEBUG_DIR environment variable

@copyright comments are now preserved with the comments="some" option (#1153)

v5.11.0

Unicode code point escapes (\u{abcde}) are not emitted inside RegExp literals anymore (#1147)

acorn is now a regular dependency

v5.10.0

Massive optimization to max_line_len (#1109)

Basic support for import assertions

Marked ES2022 Object.hasOwn as a pure function

Fix delete optional?.property

New CI/CD pipeline with github actions (#1057)

... (truncated)

Commits

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Bump minimist from 1.2.5 to 1.2.6

opened on 2022-03-30 02:28:29 by dependabot[bot]

Bumps minimist from 1.2.5 to 1.2.6.

Commits

7efb22a 1.2.6
ef88b93 security notice for additional prototype pollution issue
c2b9819 isConstructorOrProto adapted from PR
bc8ecee test from prototype pollution PR
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Bump nanoid from 3.1.23 to 3.2.0

opened on 2022-01-22 04:33:42 by dependabot[bot]

Bumps nanoid from 3.1.23 to 3.2.0.

Changelog

Sourced from nanoid's changelog.

Change Log

This project adheres to Semantic Versioning.

3.2

Added --size and --alphabet arguments to binary (by Vitaly Baev).

3.1.32

Reduced async exports size (by Artyom Arutyunyan).

Moved from Jest to uvu (by Vitaly Baev).

3.1.31

Fixed collision vulnerability on object in size (by Artyom Arutyunyan).

3.1.30

Reduced size for project with brotli compression (by Anton Khlynovskiy).

3.1.29

Reduced npm package size.

3.1.28

Reduced npm package size.

3.1.27

Cleaned dependencies from development tools.

3.1.26

Improved performance (by Eitan Har-Shoshanim).

Reduced npm package size.

3.1.25

Fixed browserify support.

3.1.24

Fixed browserify support (by Artur Paikin).

Commits

23b1369 Release 3.2 version
967788e Remove TS test tools
27eaa90 Simplify new binary tool
a9d9123 Update dependencies
32b9bda Allows passing size or custom alphabet via cli as args (#334)
246d5f8 Update vite
afdf9c9 doc: Fixed Typo (#335)
90a446f Update benchmark results
8ba2319 bench: add @napi-rs/uuid v4 (#333)
f425778 Release 3.1.32 version
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

Trev

Webdev, Linux nerd and lover of music. Also on sourcehut: https://git.sr.ht/~trevdev

GitHub Repository

python flask sass dreamhost bootstrap4 phusion-passenger

Flask Starter Skeleton

Contents

Major Changes since version 1

What's included

Requirements

Instructions

Installation

Deployment (Dreamhost)

Other Resources

Support My Work

Issues

Bump json5 from 2.2.0 to 2.2.3

v2.2.3

v2.2.2

v2.2.1

v2.2.3 [code, diff]

v2.2.2 [code, diff]

v2.2.1 [code, diff]

Bump terser from 5.7.0 to 5.14.2

v5.14.2

v5.14.1

v5.14.0

v5.13.1

v5.13.0

v5.12.1

v5.12.0

v5.11.0

v5.10.0

Bump minimist from 1.2.5 to 1.2.6

Bump nanoid from 3.1.23 to 3.2.0

Change Log

3.2

3.1.32

3.1.31

3.1.30

3.1.29

3.1.28

3.1.27

3.1.26

3.1.25

3.1.24

Trev