Closed
requested to merge dependabot/pip/samples/server/petstore/python-fastapi/starlette-0.25.0 into master
Created by: dependabot[bot]
Bumps starlette from 0.14.2 to 0.25.0.
Release notes
Sourced from starlette's releases.
Version 0.25.0
Fixed
- Limit the number of fields and files when parsing
multipart/form-data
on theMultipartParser
8c74c2c and #2036.Version 0.24.0
Added
- Allow
StaticFiles
to follow symlinks #1683.- Allow
Request.form()
as a context manager #1903.- Add
size
attribute toUploadFile
#1405.- Add
env_prefix
argument toConfig
#1990.- Add template context processors #1904.
- Support
str
anddatetime
onexpires
parameter on theResponse.set_cookie
method #1908.Changed
- Lazily build the middleware stack #2017.
- Make the
file
argument required onUploadFile
#1413.- Use debug extension instead of custom response template extension #1991.
Fixed
- Fix url parsing of ipv6 urls on
URL.replace
#1965.Version 0.23.1
Fixed
- Only stop receiving stream on
body_stream
if body is empty on theBaseHTTPMiddleware
#1940.Version 0.23.0
Added
- Add
headers
parameter to theTestClient
#1966.Deprecated
- Deprecate
Starlette
andRouter
decorators #1897.Fixed
- Fix bug on
FloatConvertor
regex #1973.Version 0.22.0
Changed
- Bypass
GZipMiddleware
when response includesContent-Encoding
#1901.Fixed
- Remove unneeded
unquote()
from query parameters on theTestClient
#1953.- Make sure
MutableHeaders._list
is actually alist
#1917.- Import compatibility with the next version of
AnyIO
#1936.Version 0.21.0
This release replaces the underlying HTTP client used on the
TestClient
(requests
➡ httpx
), and as those clients differ a bit on their API, your test suite will likely break. To make the migration smoother, you can use thebump-testclient
tool.Changed
- Replace
requests
withhttpx
inTestClient
#1376.
... (truncated)
Changelog
Sourced from starlette's changelog.
0.25.0
February 14, 2023
Fix
- Limit the number of fields and files when parsing
multipart/form-data
on theMultipartParser
8c74c2c and #2036.0.24.0
February 6, 2023
Added
- Allow
StaticFiles
to follow symlinks #1683.- Allow
Request.form()
as a context manager #1903.- Add
size
attribute toUploadFile
#1405.- Add
env_prefix
argument toConfig
#1990.- Add template context processors #1904.
- Support
str
anddatetime
onexpires
parameter on theResponse.set_cookie
method #1908.Changed
- Lazily build the middleware stack #2017.
- Make the
file
argument required onUploadFile
#1413.- Use debug extension instead of custom response template extension #1991.
Fixed
- Fix url parsing of ipv6 urls on
URL.replace
#1965.0.23.1
December 9, 2022
Fixed
- Only stop receiving stream on
body_stream
if body is empty on theBaseHTTPMiddleware
#1940.0.23.0
December 5, 2022
Added
- Add
headers
parameter to theTestClient
#1966.Deprecated
- Deprecate
Starlette
andRouter
decorators #1897.Fixed
- Fix bug on
FloatConvertor
regex #1973.0.22.0
November 17, 2022
... (truncated)
Commits
-
fc48089
Version 0.25.0 (#2035) -
bb4d8f9
🐛 Close all the multipart files on error (#2036) -
8c74c2c
Merge pull request from GHSA-74m5-2c7w-9w3x -
5771a78
Fix test not passing in 32-bit architectures (#2033) -
337ae24
Document that UploadFile'sfilename
andcontent_type
can beNone
(#2029) -
218a6b4
Version 0.24.0 (#1983) -
e05b632
Feature: Add size attribute to UploadFile (#1405) -
c568b55
allow using Request.form() as a context manager (#1903) -
0a63a6e
Supportstr
anddatetime
onexpires
parameter on theset_cookie
metho... -
94a22b8
Fix url parsing of ipv6 urls onURL.replace
(#1965) - Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) -
@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.