8000 ⬆️ Upgrade Starlette to `>=0.37.2,<0.41.0` by tiangolo · Pull Request #12431 · fastapi/fastapi · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

⬆️ Upgrade Starlette to >=0.37.2,<0.41.0 #12431

Merged
merged 1 commit into from
Oct 12, 2024
Merged

Conversation

tiangolo
Copy link
Member
@tiangolo tiangolo commented Oct 12, 2024

⬆️ Upgrade Starlette to >=0.37.2,<0.41.0

@tiangolo tiangolo changed the title ⬆️ Upgrade Starlette ⬆️ Upgrade Starlette to >=0.37.2,<0.41.0 Oct 12, 2024
Copy link
Contributor

📝 Docs preview for commit 541909f at: https://e3b14dfd.fastapitiangolo.pages.dev

@tiangolo tiangolo marked this pull request as ready for review October 12, 2024 09:58
@tiangolo tiangolo merged commit b77f235 into master Oct 12, 2024
53 of 54 checks passed
@tiangolo tiangolo deleted the upgrade-starlette branch October 12, 2024 09:59
gitworkflows added a commit to gitworkflows/fastapi that referenced this pull request Oct 13, 2024
* Standardize shebang across shell scripts

* ⬆ [pre-commit.ci] pre-commit autoupdate (fastapi#12253)

updates:
- [github.com/astral-sh/ruff-pre-commit: v0.6.5 → v0.6.7](astral-sh/ruff-pre-commit@v0.6.5...v0.6.7)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

* 📝 Update release notes

* 🔧 Update sponsors, remove Fine.dev (fastapi#12271)

* 📝 Update release notes

* 🌐 Update Portuguese translation for `docs/pt/docs/advanced/security/http-basic-auth.md` (fastapi#12275)

* 📝 Update release notes

* 🌐 Fix Korean translation for `docs/ko/docs/tutorial/index.md` (fastapi#12278)

* 🌐 Update Portuguese translation for `docs/pt/docs/tutorial/cookie-params.md` (fastapi#12297)

* 📝 Update release notes

* 🌐 Add Portuguese translation for `docs/pt/docs/advanced/response-directly.md` (fastapi#12266)

* 📝 Update release notes

* 📝 Update release notes

* 🌐 Add Portuguese translation for `docs/pt/docs/how-to/conditional-openapi.md` (fastapi#12221)

* 🌐 Add Portuguese translation for `docs/pt/docs/deployment/concepts.md` (fastapi#12219)

* 📝 Update release notes

* 📝 Update release notes

* 🌐 Add Portuguese translation for `docs/pt/docs/advanced/security/oauth2-scopes.md` (fastapi#12263)

* 📝 Update release notes

* 🌐 Add Portuguese translation for `docs/pt/docs/how-to/graphql.md` (fastapi#12215)

* 📝 Adding links for Playwright and Vite in `docs/project-generation.md` (fastapi#12274)

* 📝 Update release notes

* 📝 Update release notes

* ⬆ [pre-commit.ci] pre-commit autoupdate (fastapi#12331)

updates:
- [github.com/astral-sh/ruff-pre-commit: v0.6.7 → v0.6.8](astral-sh/ruff-pre-commit@v0.6.7...v0.6.8)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

* 📝 Update release notes

* 📝 Update link to Swagger UI configuration docs (fastapi#12264)

* 📝 Update release notes

* ⬆ Bump griffe-typingdoc from 0.2.6 to 0.2.7 (fastapi#12370)

Bumps [griffe-typingdoc](https://github.com/mkdocstrings/griffe-typingdoc) from 0.2.6 to 0.2.7.
- [Release notes](https://github.com/mkdocstrings/griffe-typingdoc/releases)
- [Changelog](https://github.com/mkdocstrings/griffe-typingdoc/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/griffe-typingdoc@0.2.6...0.2.7)

---
updated-dependencies:
- dependency-name: griffe-typingdoc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* 📝 Update release notes

* ⬆ Bump mkdocstrings[python] from 0.25.1 to 0.26.1 (fastapi#12371)

Bumps [mkdocstrings[python]](https://github.com/mkdocstrings/mkdocstrings) from 0.25.1 to 0.26.1.
- [Release notes](https://github.com/mkdocstrings/mkdocstrings/releases)
- [Changelog](https://github.com/mkdocstrings/mkdocstrings/blob/main/CHANGELOG.md)
- [Commits](mkdocstrings/mkdocstrings@0.25.1...0.26.1)

---
updated-dependencies:
- dependency-name: mkdocstrings[python]
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alejandra <90076947+alejsdev@users.noreply.github.com>

* 📝 Update release notes

* ⬆ Bump pypa/gh-action-pypi-publish from 1.10.1 to 1.10.3 (fastapi#12386)

Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) from 1.10.1 to 1.10.3.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases)
- [Commits](pypa/gh-action-pypi-publish@v1.10.1...v1.10.3)

---
updated-dependencies:
- dependency-name: pypa/gh-action-pypi-publish
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* 📝 Update release notes

* 👷 Update Cloudflare GitHub Action (fastapi#12387)

* 📝 Update release notes

* 👷 Update deploy-docs-notify URL (fastapi#12392)

* 📝 Update release notes

* 🔧 Remove `base_path` for `mdx_include` Markdown extension in MkDocs (fastapi#12391)

* 📝 Update release notes

* 🌐 Add Portuguese translation for `docs/pt/docs/tutorial/cookie-param-models.md` (fastapi#12298)

* 📝 Update release notes

* 📝 Add External Link: How to profile a FastAPI asynchronous request (fastapi#12389)

* 📝 Update release notes

* 👷 Tweak labeler to not override custom labels (fastapi#12398)

* 📝 Update release notes

* 📝 Fix extra mdx-base-path paths (fastapi#12397)

* 📝 Update release notes

* ➕ Add docs dependency: markdown-include-variants (fastapi#12399)

* 📝 Update release notes

* 🔧 Add speakeasy-api to `sponsors_badge.yml` (fastapi#12404)

* 📝 Update release notes

* ♻️ Update type annotations for improved `python-multipart` (fastapi#12407)

* 📝 Update release notes

* 🔨 Add script to generate variants of files (fastapi#12405)

* 📝 Update release notes

* ✨ Add new tutorial for SQL databases with SQLModel (fastapi#12285)

* 📝 Update release notes

* ⬆ [pre-commit.ci] pre-commit autoupdate (fastapi#12396)

updates:
- [github.com/pre-commit/pre-commit-hooks: v4.6.0 → v5.0.0](pre-commit/pre-commit-hooks@v4.6.0...v5.0.0)
- [github.com/astral-sh/ruff-pre-commit: v0.6.8 → v0.6.9](astral-sh/ruff-pre-commit@v0.6.8...v0.6.9)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>

* 📝 Update release notes

* 🐛 Remove `Required` shadowing from fastapi using Pydantic v2 (fastapi#12197)

Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: Sofie Van Landeghem <svlandeg@users.noreply.github.com>

* 📝 Update release notes

* 🐛 Fix openapi generation with responses kwarg (fastapi#10895)

Co-authored-by: flxdot <felix.fanghaenel@nitrex.com>
Co-authored-by: Sofie Van Landeghem <svlandeg@users.noreply.github.com>
Co-authored-by: Sławek Ehlert <slawomir.ehlert@gmail.com>

* 📝 Update release notes

* 🔖 Release version 0.115.1

* ⬆️ Upgrade Starlette to `>=0.37.2,<0.41.0` (fastapi#12431)

* 📝 Update release notes

* 🔖 Release version 0.115.2

* ⬆ Update httpx requirement from <0.25.0,>=0.23.0 to >=0.23.0,<0.28.0 (fastapi#11509)

Updates the requirements on [httpx](https://github.com/encode/httpx) to permit the latest version.
- [Release notes](https://github.com/encode/httpx/releases)
- [Changelog](https://github.com/encode/httpx/blob/master/CHANGELOG.md)
- [Commits](encode/httpx@0.23.0...0.27.0)

---
updated-dependencies:
- dependency-name: httpx
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* 📝 Update release notes

* 👷 Use uv in CI (fastapi#12281)

* 📝 Update release notes

* 👷 Fix smokeshow, checkout files on CI (fastapi#12434)

* 📝 Update release notes

* 👷 Refactor label-approved, make it an internal script instead of an external GitHub Action (fastapi#12280)

* 📝 Update release notes

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
Co-authored-by: github-actions <github-actions@github.com>
Co-authored-by: Sebastián Ramírez <tiangolo@gmail.com>
Co-authored-by: Anderson Rocha <anderson-rocha@outlook.com>
Co-authored-by: kkotipy <kkotipy@gmail.com>
Co-authored-by: Rafael de Oliveira Marques <rafaelomarques@gmail.com>
Co-authored-by: João Pedro Pereira Holanda <joaopedroph09@gmail.com>
Co-authored-by: marcelomarkus <marcelomarkus@gmail.com>
Co-authored-by: AnandaCampelo <103457620+AnandaCampelo@users.noreply.github.com>
Co-authored-by: Kayque Govetri <59173212+kayqueGovetri@users.noreply.github.com>
Co-authored-by: Pavlo Pohorieltsev <49622129+makisukurisu@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Alejandra <90076947+alejsdev@users.noreply.github.com>
Co-authored-by: Balthazar Rouberol <br@imap.cc>
Co-authored-by: José Pacheco <pachewise@gmail.com>
Co-authored-by: Sofie Van Landeghem <svlandeg@users.noreply.github.com>
Co-authored-by: Felix Fanghaenel <35657654+flxdot@users.noreply.github.com>
Co-authored-by: flxdot <felix.fanghaenel@nitrex.com>
Co-authored-by: Sławek Ehlert <slawomir.ehlert@gmail.com>
@vfazio
Copy link
vfazio commented Oct 14, 2024

I don't see Starlette 0.40 released but it's now included in the supported range? Do they guarantee compatibility for a 2 version range? or was this supposed to be <0.40.0? (pre-coffee comment, so i could be missing something)

@musicinmybrain
Copy link
Contributor

I don't see Starlette 0.40 released but it's now included in the supported range? Do they guarantee compatibility for a 2 version range? or was this supposed to be <0.40.0? (pre-coffee comment, so i could be missing something)

Now that Starlette 0.40 has been released, and it turned out to be a security fix (GHSA-f96h-pmfr-66vw, CVE-2024-47874), this unusual “forward-compatibility” in FastAPI makes sense.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants
0