Log Message:
py-werkzeug{-docs}: updated to 1.0.1

Version 1.0.1
-   Make the argument to ``RequestRedirect.get_response`` optional.
-   Only allow a single access control allow origin value.
-   Fix crash when trying to parse a non-existent Content Security
    Policy header.
-   ``http_date`` zero fills years < 1000 to always output four digits.
-   Fix missing local variables in interactive debugger console.
-   Fix passing file-like objects like ``io.BytesIO`` to
    ``FileStorage.save``.

Version 1.0.0
-   Drop support for Python 3.4. (:issue:`1478`)
-   Remove code that issued deprecation warnings in version 0.15.
    (:issue:`1477`)
-   Remove most top-level attributes provided by the ``werkzeug``
    module in favor of direct imports. For example, instead of
    ``import werkzeug; werkzeug.url_quote``, do
    ``from werkzeug.urls import url_quote``. Install version 0.16 first
    to see deprecation warnings while upgrading.
-   Added ``utils.invalidate_cached_property()`` to invalidate cached
    properties. (:pr:`1474`)
-   Directive keys for the ``Set-Cookie`` response header are not
    ignored when parsing the ``Cookie`` request header. This allows
    cookies with names such as "expires" and "version". \ 
(:issue:`1495`)
-   Request cookies are parsed into a ``MultiDict`` to capture all
    values for cookies with the same key. ``cookies[key]`` returns the
    first value rather than the last. Use ``cookies.getlist(key)`` to
    get all values. ``parse_cookie`` also defaults to a ``MultiDict``.
-   Add ``charset=utf-8`` to an HTTP exception response's
    ``CONTENT_TYPE`` header. (:pr:`1526`)
-   The interactive debugger handles outer variables in nested scopes
    such as lambdas and comprehensions.
-   The user agent for Opera 60 on Mac is correctly reported as
    "opera" instead of "chrome".
-   The platform for Crosswalk on Android is correctly reported as
    "android" instead of "chromeos". (:pr:`1572`)
-   Issue a warning when the current server name does not match the
    configured server name.
-   A configured server name with the default port for a scheme will
    match the current server name without the port if the current scheme
    matches.
-   :exc:`~exceptions.InternalServerError` has a ``original_exception``
    attribute that frameworks can use to track the original cause of the
    error.
-   Headers are tested for equality independent of the header key case,
    such that ``X-Foo`` is the same as ``x-foo``.
-   :meth:`http.dump_cookie` accepts ``'None'`` as a value for
    ``samesite``.
-   :meth:`~test.Client.set_cookie` accepts a ``samesite`` argument.
-   Support the Content Security Policy header through the
    `Response.content_security_policy` data structure.
-   ``LanguageAccept`` will fall back to matching "en" for \ 
"en-US" or
    "en-US" for "en" to better support clients or \ 
translations that
    only match at the primary language tag.
-   ``MIMEAccept`` uses MIME parameters for specificity when matching.
-   If the development server is started with an ``SSLContext``
    configured to verify client certificates, the certificate in PEM
    format will be available as ``environ["SSL_CLIENT_CERT"]``.
-   ``is_resource_modified`` will run for methods other than ``GET`` and
    ``HEAD``, rather than always returning ``False``.
-   ``SharedDataMiddleware`` returns 404 rather than 500 when trying to
    access a directory instead of a file with the package loader. The
    dependency on setuptools and pkg_resources is removed.
-   Add a ``response.cache_control.immutable`` flag. Keep in mind that
    browser support for this ``Cache-Control`` header option is still
    experimental and may not be implemented.
-   Optional request log highlighting with the development server is
    handled by Click instead of termcolor.
-   Optional ad-hoc TLS support for the development server is handled
    by cryptography instead of pyOpenSSL.
-   ``FileStorage.save()`` supports ``pathlib`` and :pep:`519`
    ``PathLike`` objects.
-   The debugger security pin is unique in containers managed by Podman.
-   Building a URL when ``host_matching`` is enabled takes into account
    the current host when there are duplicate endpoints with different
    hosts.
-   The ``429 TooManyRequests`` and ``503 ServiceUnavailable`` HTTP
    exceptions takes a ``retry_after`` parameter to set the
    ``Retry-After`` header.
-   ``Map`` and ``Rule`` have a ``merge_slashes`` option to collapse
    multiple slashes into one, similar to how many HTTP servers behave.
    This is enabled by default.
-   Add HTTP 103, 208, 306, 425, 506, 508, and 511 to the list of status
    codes.
-   Add ``update``, ``setlist``, and ``setlistdefault`` methods to the
    ``Headers`` data structure. ``extend`` method can take ``MultiDict``
    and kwargs.
-   The development server accepts paths that start with two slashes,
    rather than stripping off the first path segment.
-   Add access control (Cross Origin Request Sharing, CORS) header
    properties to the ``Request`` and ``Response`` wrappers.
-   ``Accept`` values are no longer ordered alphabetically for equal
    quality tags. Instead the initial order is preserved.
-   Added ``Map.lock_class`` attribute for alternative
    implementations.
-   Support matching and building WebSocket rules in the routing system,
    for use by async frameworks.
-   Range requests that span an entire file respond with 206 instead of
    200, to be more compliant with :rfc:`7233`. This may help serving
    media to older browsers.
-   The :class:`~middleware.shared_data.SharedDataMiddleware` default
    ``fallback_mimetype`` is ``application/octet-stream``. If a filename
    looks like a text mimetype, the ``utf-8`` charset is added to it.
    This matches the behavior of :class:`~wrappers.BaseResponse` and
    Flask's ``send_file()``.