Releases: litestar-org/litestar
v2.12.1
b9a91e6
provinzkraut
Janek Nouvertné
Sponsors 🌟
Thanks to these incredible business sponsors:
- Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team), Avra
A huge 'Thank you!' to all sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
Bugfixes 🐛
- fix(typing): Don't require annotated_types by @provinzkraut in #3750
Full Changelog
v2.12.0...v2.12.1
Contributors
Assets 2
v2.12.0
06efa69
provinzkraut
Janek Nouvertné
Sponsors 🌟
Thanks to these incredible business sponsors:
- Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team), Avra
Thanks to these incredible personal sponsors:
- Polar.sh: @Nozavi, @cemrehancavdar, @thomastu, @skewty, @iRod3s
- GitHub Sponsors: @roboflow, @benjamin-kirkbride, @crisog, @geeshta, @cbscsm, @ruslan-korneev
- OpenCollective: Christian Y, Anonymous
A huge 'Thank you!' to all sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
Bugfixes 🐛
- Fix overzealous warning for greedy middleware
excludepattern by @euri10 in #3712 - Fix dangling coroutines in request extraction handling cleanup by @provinzkraut in #3735
- Fix OpenAPI handling of
typekeyword by @provinzkraut in #3715 - Fix OpenAPI handling of invalid schema keys by @thiagozf in #3635
- Fix OpenAPI handling of
msgspec.Structtagged unions by @provinzkraut in #3742
New features 🚀
- Support strings in
media_typeforResponseSpecby @provinzkraut in #3729 - Allow customizing schema component keys by @provinzkraut in #3738
- Raise exception when body parameter is annotated with non-bytes type by @provinzkraut in #3740
- Bump
scalarOpenAPI Plugin tolatestrelease by @cofin in #3747
Other changes
- Overhauled metadata handling by @provinzkraut in #3721
Full Changelog
v2.11.0...v2.12.0
Contributors
Assets 2
v2.11.0
Sponsors 🌟
Thanks to these incredible business sponsors:
- Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team), Avra
Thanks to these incredible personal sponsors:
- Polar.sh: @Nozavi, @cemrehancavdar, @thomastu, @skewty, @iRod3s
- GitHub Sponsors: @roboflow, @benjamin-kirkbride, @crisog, @geeshta, @cbscsm, @ruslan-korneev
- OpenCollective: Christian Y, Anonymous
A huge 'Thank you!' to all sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @supercoder-dev made their first contribution in #3565
- @jlr295 made their first contribution in #3660
- @aarcex3 made their first contribution in #3703
- @Zimzozaur made their first contribution in #3661
- @stewit made their first contribution in #3603
- @trim21 made their first contribution in #3698
- @FarhanAliRaza made their first contribution in #3702
Bugfixes 🐛
- fix(connection): Fix creation of FormMultiDict in Request.form to properly handle multi-keys by @provinzkraut in #3639
- fix: Small docs update. by @Zimzozaur in #3661
- fix(DTO): Inconsistent use of strict mode by @provinzkraut in #3685
- fix(prometheus): use path template for prometheus metrics by @evstratbg in #3687
- fix: OpenTelemetry doesn't capture exceptions in the outermost application layer by @provinzkraut in #3689
- fix: updated sqlalchemy samples & unpin
advanced-alchemyby @cofin in #3693 - fix(#3554): correct
module_to_os_pathto return directory paths by @supercoder-dev in #3565 - fix: csrf middleware excluding router by @trim21 in #3698
- fix: inconsistent behavior between
signature_namespaceandsignature_typesby @cofin in #3696 - fix(JWT): Response with 401 on token payload validation by @provinzkraut in #3705
New features 🚀
- feat: switched abandonded python-jose to pyjwt by @nielsvanhooy in #3684
- feat(DTO): introduce
forbid_unknown_fieldsconfig by @provinzkraut in #3690 - feat(JWT): Custom JWT payload classes by @provinzkraut in #3692
- feat(DTO): Support
extra="forbid"model config forPydanticDTOby @provinzkraut in #3691 - feat(middleware): Warn about greedy exclude patterns by @provinzkraut in #3700
- feat: problem details plugin by @peterschutt in #3323
- feat(JWT): Customised token verification by @provinzkraut in #3695
Other changes
- docs: fixed bad links in
flaskmigration guide by @jlr295 in #3660 - docs: Fix misplaced comment in dependency-injection.rst for better clarity by @Zimzozaur in #3671
- docs: Added Posting tool as an alternative to Postman in 06-receiving-data.rst by @Zimzozaur in #3670
- docs: Document custom types by @stewit in #3603
- docs: stale reference to pydantic signature models by @cofin in #3697
- docs: Fixing spelling in request.rst by @aarcex3 in #3703
- docs: fixed incorrect docs for default status code for http handler by @FarhanAliRaza in #3702
Full Changelog
v2.10.0...v2.11.0
Contributors
Assets 2
v2.10.0
Sponsors 🌟
Thanks to these incredible business sponsors:
- Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team), Avra
Thanks to these incredible personal sponsors:
- Polar.sh: @Nozavi, @cemrehancavdar, @thomastu, @skewty, @iRod3s
- GitHub Sponsors: @roboflow, @benjamin-kirkbride, @crisog, @geeshta, @cbscsm, @ruslan-korneev
- OpenCollective: Christian Y, Anonymous
A huge 'Thank you!' to all sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @taihim made their first contribution in #3610
- @l-armstrong made their first contribution in #3618
- @Anu-cool-007 made their first contribution in #3608
- @Murtagy made their first contribution in #3526
- @tcbegley made their first contribution in #3629
- @rafalkrupinski made their first contribution in #3575
Bugfixes 🐛
- fix(signature): Fix #3593: Ensure signature model internal function signatures don't clash with model signature by @provinzkraut in #3605
- fix(OpenAPI): Correctly handle Annotated NewType by @sherbang in #3615
- fix: use
ASGIConnectioninstead ofRequestforflashby @cofin in #3626 - fix(handlers): Allow returning
Response[None]from head route handlers by @provinzkraut in #3641
New features 🚀
- feat: allow creating parent directories for a file store by @Murtagy in #3526
- feat(logging): add param
logging_moduletoLoggingConfigby @jderrien in #3578 - feat: add handler name to exceptions in handler validation. by @rafalkrupinski in #3575
- feat(Pydantic): added parameters in pydantic plugin to support strict validation and all the
model_dumpargs by @Anu-cool-007 in #3608
Other changes
- docs: fix typos in examples.contrib.prometheus by @taihim in #3610
- docs: fixed create_ws_route_handlers typo. by @l-armstrong in #3618
- docs: fix link to available issues by @tcbegley in #3629
Full Changelog
v2.9.1...v2.10.0
Contributors
Assets 2
v2.9.1
e9c9839
provinzkraut
Janek Nouvertné
Sponsors 🌟
Thanks to these incredible business sponsors:
- Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team), Avra
A huge 'Thank you!' to all sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @PossiblePanda made their first contribution in #3555
- @eltociear made their first contribution in #3563
- @evstratbg made their first contribution in #3533
Bugfixes 🐛
- fix: add OPTIONS to the default safe methods for CSRFConfig by @wer153 in #3538
- fix(docs): fixed typo in routing overview by @PossiblePanda in #3555
- fix(prometheus): capture templated route name for metrics by @evstratbg in #3533
- fix(testing):
.websocket_connectdoes not respectbase_urlby @provinzkraut in #3567 - fix(warnings): Do not warn for default handlers by @Alc-Alc in #3569
- fix(CLI): Don't call
rich_click.patchifrich_clickis installed by @provinzkraut in #3570 - fix(OpenAPI): Correctly handle
typing.NewTypeby @provinzkraut in #3580 - fix: encode response content object returned from an exception handler. by @rafalkrupinski in #3585
Other changes
- docs(logging): use
queue_listeneras mentioned in the warning by @jderrien in #3540 - docs: Changed cli to concurrency in concurrency.rst by @PossiblePanda in #3557
- docs: update ui_plugins.rst by @eltociear in #3563
- docs(logging): advise to use
log_exceptions="always"by @jderrien in #3577 - refactor(logging): improve
LoggingConfig& deprecateLoggingConfig.propagateby @jderrien in #3543
Full Changelog
v2.9.0...v2.9.1
Contributors
Assets 2
v2.9.0
31bc080
provinzkraut
Janek Nouvertné
Sponsors 🌟
Thanks to these incredible business sponsors:
- Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team), Bruno
Thanks to these incredible personal sponsors:
-
Polar.sh: @Nozavi, @cemrehancavdar, @thomastu, @skewty, @iRod3s
-
GitHub Sponsors: @benjamin-kirkbride, @crisog, @geeshta, @cbscsm, @ruslan-korneev
-
OpenCollective: Christian Y, Anonymous
-
A huge 'Thank you!' to all sponsors, subscribers, and contributors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @JorenSix made their first contribution in #3475
- @tibor-reiss made their first contribution in #3497
- @ch-iv made their first contribution in #3434
- @0xE111 made their first contribution in #3511
- @maintain0404 made their first contribution in #3405
Bugfixes 🐛
- fix: asgi lifespan msg after lifespan context exception by @peterschutt in #3315
- fix: bug when pydantic==1.10 is installed by @peterschutt in #3335
- fix: OpenAPI router and controller on same app. by @peterschutt in #3338
- fix: pydantic v2 import tests for pydantic v1.10.15 by @peterschutt in #3347
- fix: Remove use of asserts for control flow. by @peterschutt in #3359
- fix: schema for generic wrapped return types with DTO by @peterschutt in #3371
- fix: Ambiguous default warning for no signature default by @peterschutt in #3378
- fix: Path param consumed by dependency treated as unconsumed by @peterschutt in #3380
- fix: "name" and "in" should not be included in openapi headers by @peterschutt in #3417
- fix: top-level import of optional package by @peterschutt in #3418
- fix: regular handler under mounted app by @peterschutt in #3430
- fix: logging to file with structlog by @peterschutt in #3425
- fix: clear session cookie if new session gt CHUNK_SIZE by @peterschutt in #3446
- fix: flash messages were not displayed on Redirect by @euri10 in #3420
- fix: Validation of optional sequence in multipart data with one value by @provinzkraut in #3408
- fix(ci): adjust issue template to not allow blank issues by @JacobCoffee in #3452
- fix(pydantic v1): field not optional if default value by @peterschutt in #3476
- fix: prevent starting multiple responses by @peterschutt in #3479
- fix: logging middleware with multi-body response by @peterschutt in #3478
- fix(dto): handle dto type nested in mapping by @peterschutt in #3486
- fix: examples omitted in schema produced by dto by @peterschutt in #3510
- fix(validation): fix: handling validation of subscribed generics by @provinzkraut in #3519
- fix: exclude static file from schema by @tibor-reiss in #3509
- fix: use re.match instead of re.search for mounted app path (#3501) by @0xE111 in #3511
- fix(logging): do not log exceptions twice, deprecate
traceback_line_limitand fix:pretty_print_ttyby @jderrien in #3507 - fix(OpenAPI): YAML schema dump by @floxay in #3537
New features 🚀
- Add async
websocket_connecttoAsyncTestClientby @kedod in #3328 - Add
SecretStringandSecretBytesdatastructures by @peterschutt in #3322
Other changes
- Deprecate subclassing route handler decorators by @provinzkraut in #3439
- Deprecate CORSMiddleware from public interface. by @peterschutt in #3404
Full Changelog
v2.8.3...v2.9.0
Contributors
Assets 2
v2.8.3
This release contains a patch for a vulnerability that would allow path traversal in the static file serving functionality of Litestar. It is highly recommended to update your minor version to this patch release.
You can find more background information in the related discussion #3473 .
Sponsors 🌟
Thanks to these incredible business sponsors:
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
A huge 'Thank you!' to all other sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @maintain0404 made their first contribution in #3405
Bugfixes 🐛
- Fix improper Limitation of a Pathname to a Restricted Directory by @peterschutt in GHSA-83pv-qr33-2vcf
- Remove use of asserts for control flow in Pydantic Plugin by @peterschutt in #3359
- Fix OpenAPI schema for generic wrapped return types with DTO by @peterschutt in #3371
- Fix ambiguous default warning for no signature default by @peterschutt in #3378
- Fix path param consumed by dependency treated as unconsumed by @peterschutt in #3380
- Fix remove
nameandinproperties included in OpenAPI headers by @peterschutt in #3417 - Fix unconditional minijinja import in flash-messages plugin by @peterschutt in #3418
- Fix routing issues with regular handler under mounted app by @peterschutt in #3430
- Fix file logging with structlog by @peterschutt in #3425
- Fix clearing large session cookies by @peterschutt in #3446
- Fix flash messages were not displayed on redirects by @euri10 in #3420
- Fix alidation of optional sequence in multipart data with one value by @provinzkraut in #3408
Documentation
- Update
usage/static_filesby @JacobCoffee in #3358 - Fix broken url; swagger ui by @wer153 in #3368
- Correct a word by @wer153 in #3412
- Fix WebSockets documentation grammar by @marcuslimdw in #3413
- Fix intersphinx mapping for advanced-alchemy by @provinzkraut in #3438
- Update
usage/cachingby @JacobCoffee in #3345 - Update
docs/usage/security/*by @JacobCoffee in #3344 - Improve sse by @euri10 in #3454
Full Changelog
v2.8.2...v2.8.3
Contributors
Assets 2
v2.7.2
This release contains a patch for a vulnerability that would allow path traversal in the static file serving functionality of Litestar. It is highly recommended to update your minor version to this patch release.
You can find more background information in the related discussion #3473 .
Sponsors 🌟
Thanks to these incredible business sponsors:
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
A huge 'Thank you!' to all other sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
- Fix improper Limitation of a Pathname to a Restricted Directory by @peterschutt in GHSA-83pv-qr33-2vcf
Contributors
Assets 2
v2.6.4
This release contains a patch for a vulnerability that would allow path traversal in the static file serving functionality of Litestar. It is highly recommended to update your minor version to this patch release.
You can find more background information in the related discussion #3473 .
Sponsors 🌟
Thanks to these incredible business sponsors:
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
A huge 'Thank you!' to all other sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
- Fix improper Limitation of a Pathname to a Restricted Directory by @peterschutt in GHSA-83pv-qr33-2vcf
Contributors
Assets 2
v1.51.16
d3e0c04
provinzkraut
Janek Nouvertné
This release contains a patch for a vulnerability that would allow path traversal in the static file serving functionality of Litestar. It is highly recommended to update your minor version to this patch release.
You can find more background information in the related discussion #3473 .
Sponsors 🌟
Thanks to these incredible business sponsors:
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
A huge 'Thank you!' to all other sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
- Fix improper Limitation of a Pathname to a Restricted Directory by @peterschutt in GHSA-83pv-qr33-2vcf