Releases: litestar-org/litestar
v2.9.1
Sponsors 🌟
Thanks to these incredible business sponsors:
- Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team), Bruno
A huge 'Thank you!' to all sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @PossiblePanda made their first contribution in #3555
- @eltociear made their first contribution in #3563
- @evstratbg made their first contribution in #3533
Bugfixes 🐛
- fix: add OPTIONS to the default safe methods for CSRFConfig by @wer153 in #3538
- fix(docs): fixed typo in routing overview by @PossiblePanda in #3555
- fix(prometheus): capture templated route name for metrics by @evstratbg in #3533
- fix(testing):
.websocket_connect
does not respectbase_url
by @provinzkraut in #3567 - fix(warnings): Do not warn for default handlers by @Alc-Alc in #3569
- fix(CLI): Don't call
rich_click.patch
ifrich_click
is installed by @provinzkraut in #3570 - fix(OpenAPI): Correctly handle
typing.NewType
by @provinzkraut in #3580 - fix: encode response content object returned from an exception handler. by @rafalkrupinski in #3585
Other changes
- docs(logging): use
queue_listener
as mentioned in the warning by @jderrien in #3540 - docs: Changed cli to concurrency in concurrency.rst by @PossiblePanda in #3557
- docs: update ui_plugins.rst by @eltociear in #3563
- docs(logging): advise to use
log_exceptions="always"
by @jderrien in #3577 - refactor(logging): improve
LoggingConfig
& deprecateLoggingConfig.propagate
by @jderrien in #3543
Full Changelog
v2.9.0...v2.9.1
v2.9.0
Sponsors 🌟
Thanks to these incredible business sponsors:
- Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team), Bruno
Thanks to these incredible personal sponsors:
-
Polar.sh: @Nozavi, @cemrehancavdar, @thomastu, @skewty, @iRod3s
-
GitHub Sponsors: @benjamin-kirkbride, @crisog, @geeshta, @cbscsm, @ruslan-korneev
-
OpenCollective: Christian Y, Anonymous
-
A huge 'Thank you!' to all sponsors, subscribers, and contributors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @JorenSix made their first contribution in #3475
- @tibor-reiss made their first contribution in #3497
- @ch-iv made their first contribution in #3434
- @0xE111 made their first contribution in #3511
- @maintain0404 made their first contribution in #3405
Bugfixes 🐛
- fix: asgi lifespan msg after lifespan context exception by @peterschutt in #3315
- fix: bug when pydantic==1.10 is installed by @peterschutt in #3335
- fix: OpenAPI router and controller on same app. by @peterschutt in #3338
- fix: pydantic v2 import tests for pydantic v1.10.15 by @peterschutt in #3347
- fix: Remove use of asserts for control flow. by @peterschutt in #3359
- fix: schema for generic wrapped return types with DTO by @peterschutt in #3371
- fix: Ambiguous default warning for no signature default by @peterschutt in #3378
- fix: Path param consumed by dependency treated as unconsumed by @peterschutt in #3380
- fix: "name" and "in" should not be included in openapi headers by @peterschutt in #3417
- fix: top-level import of optional package by @peterschutt in #3418
- fix: regular handler under mounted app by @peterschutt in #3430
- fix: logging to file with structlog by @peterschutt in #3425
- fix: clear session cookie if new session gt CHUNK_SIZE by @peterschutt in #3446
- fix: flash messages were not displayed on Redirect by @euri10 in #3420
- fix: Validation of optional sequence in multipart data with one value by @provinzkraut in #3408
- fix(ci): adjust issue template to not allow blank issues by @JacobCoffee in #3452
- fix(pydantic v1): field not optional if default value by @peterschutt in #3476
- fix: prevent starting multiple responses by @peterschutt in #3479
- fix: logging middleware with multi-body response by @peterschutt in #3478
- fix(dto): handle dto type nested in mapping by @peterschutt in #3486
- fix: examples omitted in schema produced by dto by @peterschutt in #3510
- fix(validation): fix: handling validation of subscribed generics by @provinzkraut in #3519
- fix: exclude static file from schema by @tibor-reiss in #3509
- fix: use re.match instead of re.search for mounted app path (#3501) by @0xE111 in #3511
- fix(logging): do not log exceptions twice, deprecate
traceback_line_limit
and fix:pretty_print_tty
by @jderrien in #3507 - fix(OpenAPI): YAML schema dump by @floxay in #3537
New features 🚀
- Add async
websocket_connect
toAsyncTestClient
by @kedod in #3328 - Add
SecretString
andSecretBytes
datastructures by @peterschutt in #3322
Other changes
- Deprecate subclassing route handler decorators by @provinzkraut in #3439
- Deprecate CORSMiddleware from public interface. by @peterschutt in #3404
Full Changelog
v2.8.3...v2.9.0
v2.8.3
This release contains a patch for a vulnerability that would allow path traversal in the static file serving functionality of Litestar. It is highly recommended to update your minor version to this patch release.
You can find more background information in the related discussion #3473 .
Sponsors 🌟
Thanks to these incredible business sponsors:
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
A huge 'Thank you!' to all other sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @maintain0404 made their first contribution in #3405
Bugfixes 🐛
- Fix improper Limitation of a Pathname to a Restricted Directory by @peterschutt in GHSA-83pv-qr33-2vcf
- Remove use of asserts for control flow in Pydantic Plugin by @peterschutt in #3359
- Fix OpenAPI schema for generic wrapped return types with DTO by @peterschutt in #3371
- Fix ambiguous default warning for no signature default by @peterschutt in #3378
- Fix path param consumed by dependency treated as unconsumed by @peterschutt in #3380
- Fix remove
name
andin
properties included in OpenAPI headers by @peterschutt in #3417 - Fix unconditional minijinja import in flash-messages plugin by @peterschutt in #3418
- Fix routing issues with regular handler under mounted app by @peterschutt in #3430
- Fix file logging with structlog by @peterschutt in #3425
- Fix clearing large session cookies by @peterschutt in #3446
- Fix flash messages were not displayed on redirects by @euri10 in #3420
- Fix alidation of optional sequence in multipart data with one value by @provinzkraut in #3408
Documentation
- Update
usage/static_files
by @JacobCoffee in #3358 - Fix broken url; swagger ui by @wer153 in #3368
- Correct a word by @wer153 in #3412
- Fix WebSockets documentation grammar by @marcuslimdw in #3413
- Fix intersphinx mapping for advanced-alchemy by @provinzkraut in #3438
- Update
usage/caching
by @JacobCoffee in #3345 - Update
docs/usage/security/*
by @JacobCoffee in #3344 - Improve sse by @euri10 in #3454
Full Changelog
v2.8.2...v2.8.3
v2.7.2
This release contains a patch for a vulnerability that would allow path traversal in the static file serving functionality of Litestar. It is highly recommended to update your minor version to this patch release.
You can find more background information in the related discussion #3473 .
Sponsors 🌟
Thanks to these incredible business sponsors:
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
A huge 'Thank you!' to all other sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
- Fix improper Limitation of a Pathname to a Restricted Directory by @peterschutt in GHSA-83pv-qr33-2vcf
v2.6.4
This release contains a patch for a vulnerability that would allow path traversal in the static file serving functionality of Litestar. It is highly recommended to update your minor version to this patch release.
You can find more background information in the related discussion #3473 .
Sponsors 🌟
Thanks to these incredible business sponsors:
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
A huge 'Thank you!' to all other sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
- Fix improper Limitation of a Pathname to a Restricted Directory by @peterschutt in GHSA-83pv-qr33-2vcf
v1.51.16
This release contains a patch for a vulnerability that would allow path traversal in the static file serving functionality of Litestar. It is highly recommended to update your minor version to this patch release.
You can find more background information in the related discussion #3473 .
Sponsors 🌟
Thanks to these incredible business sponsors:
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
A huge 'Thank you!' to all other sponsors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
- Fix improper Limitation of a Pathname to a Restricted Directory by @peterschutt in GHSA-83pv-qr33-2vcf
v1.51.15
Maintenance release
- Update dependencies and release pipeline by @provinzkraut in #3469
Full Changelog: v1.51.14...v1.51.15
v2.8.2
Sponsors 🌟
Thanks to these incredible business sponsors:
-
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
-
A huge 'Thank you!' to all sponsors, subscribers, and contributors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
Bugfixes 🐛
- fix: pydantic import differentiation for pydantic v1.10.15 by @peterschutt in #3347
Full Changelog
v2.8.1...v2.8.2
v2.8.1
Sponsors 🌟
Thanks to these incredible business sponsors:
-
Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
-
A huge 'Thank you!' to all sponsors, subscribers, and contributors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
Bugfixes 🐛
- fix: asgi lifespan msg after lifespan context exception by @peterschutt in #3315
- fix: bug when pydantic==1.10 is installed by @peterschutt in #3335
- fix: OpenAPI router and controller on same app. by @peterschutt in #3338
Other changes
- docs: add citation by @JacobCoffee in #3329
- refactor(routing): Move kwargs model creation to handler by @provinzkraut in #3331
Full Changelog
v2.8.0...v2.8.1
v2.8.0
Sponsors 🌟
Thanks to these incredible business sponsors:
- Scalar (@scalar), Telemetry Sports (via @chris-telemetry), Stok (@stok-team)
Thanks to these incredible personal sponsors:
-
GitHub Sponsors: (@stok-team), @benjamin-kirkbride, @crisog, @geeshta, @cbscsm, @ruslan-korneev,
-
OpenCollective: Christian Y, Anonymous
-
A huge 'Thank you!' to all sponsors, subscribers, and contributors across Polar.sh, OpenCollective and GitHub Sponsors!
What's changed
New contributors 🎉
- @carlsmedstad made their first contribution in #3291
- @haryle made their first contribution in #3242
- @winbornejw made their first contribution in #3136
Bugfixes 🐛
- fix(cli): remove duplicate rich-click config options by @JacobCoffee in #3274
- fix: pydantic
json_schema_extra
examples. by @peterschutt in #3281 - fix(openapi): set default on schema from
FieldDefinition
by @guacs in #3280 - fix: Custom types cause serialisation error in exception response with non-JSON media-type by @provinzkraut in #3284
- fix(OpenAPI): Ensure default values are always represented in schema for dataclasses and
msgspec.Struct
s by @provinzkraut in #3285 - fix(DTO): Pydantic v2 error handling/serialization when for non-pydantic exceptions by @provinzkraut in #3286
- fix(OpenAPI): Fix OpenAPI schema generation for paths with path parameters of different types on the same path by @provinzkraut in #3293
- fix(OpenAPI): Document unconsumed path parameters by @provinzkraut in #3295
- fix: Unique schema names for nested models (#3134) by @winbornejw in #3136
New features 🚀
- feat: add Scalar.com as an OpenAPI docs generator option
- feat: allow for console output to be silenced by @cofin in #3180
- feat: add flash plugin by @euri10 in #3145
- feat: Use memoized
request_class
andresponse_class
values by @kedod in #3205 - feat(DTO): Enable codegen backend by default by @provinzkraut in #3215
- feat: Added precedence of CLI parameters over envs by @kedod in #3190
- feat: only print when terminal is
TTY
enabled by @cofin in #3219 - feat: Support
schema_extra
inParameter
andBody
by @tuukkamustonen in #3204 - feat: add typevar expansion by @haryle in #3242
- feat: Add LITESTAR_ prefix before WEB_CONCURRENCY env option by @kedod in #3227
- feat: Warn about ambiguous default values in parameter specifications by @provinzkraut in #3283
- feat: support declaring
DTOField
viaAnnotated
by @peterschutt in #3289 - feat: Add
TRACE
to HttpMethod enum by @provinzkraut in #3294 - feat: Pydantic dto non instantiable types by @peterschutt in #3296
- feat: Add
path
parameter to Litestar application class by @kedod in #3314
Other changes
- docs(channels): Fix subscriber examples by @provinzkraut in #3287
- docs: Expand the acronym for Data Transfer Object in
What's New in v2
by @cclauss in #3288 - docs: Add examples for auth
exclude
configuration by @aranvir in #3246 - refactor: Reduce module import time by @provinzkraut in #3282
- refactor: remove CacheControlHeader dependency on AbstractDTO by @peterschutt in #3307
Full Changelog
v2.7.1...v2.8.0