Upgrade requirements to modern package versions and fix Python 3.9+ compatibility

[Copilot]

requirements.txt was pinned to 2017–2018 package versions incompatible with modern Python and setuptools, causing CI to fail with ImportError: cannot import name 'Feature' from 'setuptools' when building MarkupSafe==1.0.

requirements.txt

All 20 packages updated to current stable versions (Flask 3.0.3, SQLAlchemy 2.0.29, itsdangerous 2.2.0, etc.).

Breaking API fixes

itsdangerous 2.x — TimedJSONWebSignatureSerializer removed; migrated to URLSafeTimedSerializer:

# Before
from itsdangerous import TimedJSONWebSignatureSerializer
s = Serializer(secret, expires_sec)
return s.dumps({'user_id': self.id}).decode('utf-8')

# After
from itsdangerous.url_safe import URLSafeTimedSerializer as Serializer
s = Serializer(secret)
return s.dumps({'user_id': self.id})          # returns str now
user_id = s.loads(token, max_age=1800)['user_id']  # expiry moved to loads()

SQLAlchemy 2.0 — Query.get() removed; replaced with db.session.get(Model, id):

# Before
return User.query.get(int(user_id))
# After
return db.session.get(User, int(user_id))

Flask-SQLAlchemy 3.0 — Query.get_or_404(), Query.first_or_404(), and Query.paginate() removed from the query interface; migrated to db-level methods with explicit select() statements:

# Before
post = Post.query.get_or_404(post_id)
user = User.query.filter_by(username=username).first_or_404()
posts = Post.query.order_by(Post.date_posted.desc()).paginate(page=page, per_page=5)

# After
post = db.get_or_404(Post, post_id)
user = db.first_or_404(select(User).filter_by(username=username))
posts = db.paginate(select(Post).order_by(Post.date_posted.desc()), page=page, per_page=5)

Housekeeping

• Added .gitignore covering __pycache__/, instance/, and *.db
• Changed bare except: to except Exception: in token verification

Original prompt

Problem

The requirements.txt in the repository is pinned to very old package versions from around 2017–2018 that are incompatible with modern Python (3.9+) and modern setuptools. The CI build is failing with:

ImportError: cannot import name 'Feature' from 'setuptools'
ERROR: Failed to build 'MarkupSafe' when getting requirements to build wheel
Error: Process completed with exit code 1.

setuptools removed the deprecated Feature class in newer versions. MarkupSafe==1.0 (and several other packages) use it in their old setup.py, causing the build to fail on Python 3.9+.

Fix

Update requirements.txt with compatible, modern package versions:

bcrypt==4.1.3
blinker==1.7.0
certifi==2024.2.2
cffi==1.16.0
click==8.1.7
Flask==3.0.3
Flask-Bcrypt==1.0.1
Flask-Login==0.6.3
Flask-Mail==0.10.0
Flask-SQLAlchemy==3.1.1
Flask-WTF==1.2.1
itsdangerous==2.2.0
Jinja2==3.1.3
MarkupSafe==2.1.5
Pillow==10.3.0
pycparser==2.22
six==1.16.0
SQLAlchemy==2.0.29
Werkzeug==3.0.3
WTForms==3.1.2

Replace the entire contents of requirements.txt with the above updated versions.

This pull request was created from Copilot chat.

---

🔒 GitHub Advanced Security automatically protects Copilot coding agent pull requests. You can protect all pull requests by enabling Advanced Security for your repositories. Learn more about Advanced Security.