applying upgrade of 1.5.1 -> 1.6.0. Upgraded login form. Added @csrf tokens to forms using post. Fix security issue by displaying username without escaping html entities. User queries hrefs have their names url quoted which makes multi word queries a valid url.

#!/usr/bin/env python
import sys
import roundup

from roundup.demo import main

sys.exit(main())