* Update flake8-docstrings from 0.2.5 to 1.0.2
* Update werkzeug from 0.11.4 to 0.11.11
* Update sqlalchemy from 1.0.12 to 1.1.3
* Update flake8-quotes from 0.2.4 to 0.8.1
* Update webtest from 2.0.20 to 2.0.23
* Update flask-wtf from 0.12 to 0.13.1
* Update flake8-blind-except from 0.1.0 to 0.1.1
* Update isort from 4.2.2 to 4.2.5
* Update flake8-isort from 1.2 to 2.0.1
* Update pep8-naming from 0.3.3 to 0.4.1
* Update factory-boy from 2.6.1 to 2.7.0
* Update pytest from 2.9.0 to 3.0.3
* Update psycopg2 from 2.6.1 to 2.6.2
* Update flask-login from 0.3.2 to 0.4.0
* Update flake8 from 2.5.4 to 3.0.4
Use the new FLASK_DEBUG environment variable
which is standard as of Flask 0.11, in order
to control the use of dev or prod config.
Need to set this anyway, in order for "flask run"
to use reloader and no concurrency.
- Update Flask to 0.11 (with built-in Click integration)
- Remove manage.py
- Add autoapp.py per Flask doc's new recommendations
for using Click with an app factory
- Define cookiecutter-flask's commands in cli.py
- Register shell context and shell commands as part
of factory-based app creation
- Update README instructions with examples for running
commands in new Click style
Switch Register CSRF protect from form.hidden_tag to input hidden
value=csrf_token.
I don't understand why this is necessary, as form.hidden_tag works
elsewhere--this may be a symptom of an aliasing issue. However, it was
the solution applied to fix login in a previous commit as described in
https://github.com/sloria/cookiecutter-flask/issues/34.
The `testapp` fixture depends on the `app` fixture, but the `app` fixture's
scope was redefined as 'function' in commit 35c32e, which is narrower than
the scope of `testapp` ('session').
Since `testapp` only depends only on `app`, it is safe to make it's scope match
`app`.